[cloudstack] branch main updated: network: Remove logic that creates gap for multiple 'source NAT' in VR (#5532)

Sun, 03 Oct 2021 02:26:12 -0700 

This is an automated email from the ASF dual-hosted git repository.

rohit pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cloudstack.git


The following commit(s) were added to refs/heads/main by this push:
     new e92ce91  network: Remove logic that creates gap for multiple 'source 
NAT' in VR (#5532)
e92ce91 is described below

commit e92ce916f34577ca5436aa6d63b00ccb3742e1e1
Author: Daniel Augusto Veronezi Salvador 
<[email protected]>
AuthorDate: Sun Oct 3 06:25:28 2021 -0300

    network: Remove logic that creates gap for multiple 'source NAT' in VR 
(#5532)
    
    In ACS, when a VPC has more than one public IP and a user tries to use the 
non `source NAT` IP with some feature/option (like `static NAT`, `port 
forwarding`, `VPN` and others), ACS adds the public IP (used for the 
feature/option) as `source NAT` in the `iptables` of the VR.
    
    Example:
    - VPC has one public IP `192.168.0.50` and it is defined as the `source 
NAT`.
    - If we assign another public IP `192.168.0.51` to the VPC and use it to 
execute `port forwarding`, ACS will automatically add `192.168.0.51` as `source 
NAT` too.
    
    Co-authored-by: GutoVeronezi <[email protected]>
---
 .../main/java/com/cloud/network/router/CommandSetupHelper.java   | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git 
a/server/src/main/java/com/cloud/network/router/CommandSetupHelper.java 
b/server/src/main/java/com/cloud/network/router/CommandSetupHelper.java
index e73a833..4bff1a5 100644
--- a/server/src/main/java/com/cloud/network/router/CommandSetupHelper.java
+++ b/server/src/main/java/com/cloud/network/router/CommandSetupHelper.java
@@ -717,17 +717,10 @@ public class CommandSetupHelper {
 
             for (final PublicIpAddress ipAddr : ipAddrList) {
                 final boolean add = ipAddr.getState() == 
IpAddress.State.Releasing ? false : true;
-                boolean sourceNat = ipAddr.isSourceNat();
-                /* enable sourceNAT for the first ip of the public interface
-                * For additional public subnet source nat rule needs to be 
added for vm to reach ips in that subnet
-                */
-                if (firstIP) {
-                    sourceNat = true;
-                }
 
                 final String macAddress = 
vlanMacAddress.get(BroadcastDomainType.getValue(BroadcastDomainType.fromString(ipAddr.getVlanTag())));
 
-                final IpAddressTO ip = new IpAddressTO(ipAddr.getAccountId(), 
ipAddr.getAddress().addr(), add, firstIP, sourceNat, 
BroadcastDomainType.fromString(ipAddr.getVlanTag()).toString(), 
ipAddr.getGateway(),
+                final IpAddressTO ip = new IpAddressTO(ipAddr.getAccountId(), 
ipAddr.getAddress().addr(), add, firstIP, ipAddr.isSourceNat(), 
BroadcastDomainType.fromString(ipAddr.getVlanTag()).toString(), 
ipAddr.getGateway(),
                         ipAddr.getNetmask(), macAddress, networkRate, 
ipAddr.isOneToOneNat());
 
                 setIpAddressNetworkParams(ip, network, router);

Reply via email to