[jira] [Created] (CLOUDSTACK-2607) [DOC][Multiple IPs PerNic] Best practices when VMs are connected to multiple networks

[venkata swamybabu budumuru (JIRA)]

venkata swamybabu budumuru created CLOUDSTACK-2607:
------------------------------------------------------

             Summary: [DOC][Multiple IPs PerNic] Best practices when VMs are 
connected to multiple networks
                 Key: CLOUDSTACK-2607
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2607
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Doc, Network Controller
    Affects Versions: 4.2.0
         Environment: commit # 85d54cd1c088997dd08f0328984bee1a55703636
            Reporter: venkata swamybabu budumuru
             Fix For: 4.2.0


Steps to reproduce :

1. Have a latest CloudStack setup with at least 1 advanced zone (in my case, I 
have a setup with KVM cluster running with 1 host)
2. Have at least one non-ROOT domain user
3. Login as the above user and create 2 networks

ISOLATED NETWORKS :

Network1 => 10.1.1.0/24 => VLAN : 900
Network2 => 10.1.1.0/24 => VLAN : 904

4. Create a VM (VM1) with two NICs connected to the above 2 networks

NIC1 => Network1
NIC2 => Network2

5. Have at least one secondary IP associated with NIC2 

NIC2 => Secondary IP => 10.1.1.121

NOTE : Make sure that the above ip is aliased properly on the right interface

for ex : ip addr add 10.1.1.121/32 dev eth1

6. Create a PF rule on Network2 and map it to the above secondary IP 10.1.1.121

7. Make sure that you are able to access the above PF rule without any issues.

8. Deploy another VM (VM2) with two NICs connected to the above networks

NIC1 => Network1
NIC2 => Network2

9. Have at least one secondary IP associated with NIC1 with the same IP as 
mentioned in Step 5

NIC1 => Secondary IP => 10.1.1.121

NOTE : Make sure that the above ip is aliased properly on the right interface

for ex : ip addr add 10.1.1.121/32 dev eth0

Observations: 

(i) The above situation landed in IP conflict.
(ii) Though the PF rule is created on Network2, it sometimes takes it to the 
VM2 NIC0 rather VM1:NIC1

To avoid situation like above, we may have to add documentation on how we can 
avoid.
===============================================================

One way of avoiding it is : Configuring different subnets when there are 
multiple networks connected to the same VM.



--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira