nvazquez opened a new issue, #6615:
URL: https://github.com/apache/cloudstack/issues/6615
##### ISSUE TYPE
* Bug Report
##### COMPONENT NAME
~~~
VR
~~~
##### CLOUDSTACK VERSION
~~~
4.14.1 and onwards
~~~
##### CONFIGURATION
Advanced networking with at least 2 public ranges
Network with one source NAT IP on one range, enable static NAT IP from the
other public range
##### OS / ENVIRONMENT
Tested with Vmware 6.7
##### SUMMARY
The outgoing traffic for VMs goes from one VR interface when the request is
initiated within the VM, however if the request comes from the internet to the
static NAT IP, then the reply goes from a different VR interface
##### STEPS TO REPRODUCE
~~~
- Add an additional public range on the physical network for a zone
- Create a network and deploy a VM on it
- Acquire an additional public IP from the new range on the network
- Enable static NAT on the new IP
- Verify a new VR interface has been created
- (if necessary enable egress rules)
- From within the VM, ping a server outside the network -> Verify the
traffic on the VR goes through one interface (for example with tcpdump)
- From outside the network, ping the VM static NAT IP -> Verify the request
on VR arrives to the same interface as the step above but the reply is sent
through a different interface
~~~
##### EXPECTED RESULTS
~~~
Same interface is used for the outgoing traffic
~~~
##### ACTUAL RESULTS
~~~
root@r-18-VM:~# tcpdump -i eth4 icmp -n
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth4, link-type EN10MB (Ethernet), snapshot length 262144 bytes
16:23:45.383531 IP 10.0.3.251 > 10.0.80.37: ICMP echo request, id 9332, seq
72, length 64
16:23:46.383363 IP 10.0.3.251 > 10.0.80.37: ICMP echo request, id 9332, seq
73, length 64
16:23:47.394501 IP 10.0.3.251 > 10.0.80.37: ICMP echo request, id 9332, seq
74, length 64
16:23:48.389304 IP 10.0.3.251 > 10.0.80.37: ICMP echo request, id 9332, seq
75, length 64
16:23:49.394640 IP 10.0.3.251 > 10.0.80.37: ICMP echo request, id 9332, seq
76, length 64
root@r-18-VM:~# tcpdump -i eth2 icmp -n
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), snapshot length 262144 bytes
16:23:53.407090 IP 10.0.80.37 > 10.0.3.251: ICMP echo reply, id 9332, seq
80, length 64
16:23:54.406632 IP 10.0.80.37 > 10.0.3.251: ICMP echo reply, id 9332, seq
81, length 64
16:23:55.414142 IP 10.0.80.37 > 10.0.3.251: ICMP echo reply, id 9332, seq
82, length 64
16:23:56.411103 IP 10.0.80.37 > 10.0.3.251: ICMP echo reply, id 9332, seq
83, length 64
16:23:57.412352 IP 10.0.80.37 > 10.0.3.251: ICMP echo reply, id 9332, seq
84, length 64
~~~
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
