[ https://issues.apache.org/jira/browse/CLOUDSTACK-9317?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15432145#comment-15432145 ]
ASF GitHub Bot commented on CLOUDSTACK-9317: -------------------------------------------- Github user jburwell commented on the issue: https://github.com/apache/cloudstack/pull/1623 If possible, I would like to get this fix into 4.8.2.0/4.9.1.0, but I will be cutting the RC shortly. @ProjectMoon could you please amend your commit message to include the JIRA ticket ID and an explanation of the motivation for the change? @rhtyd @borisstoyanov can we push this PR through Trillian with smoke tests and the following test suites: * ``test_redundant_router_cleanups`` * ``test_redundant_router_services`` * ``test_redundant_router_upgrades`` @murali-reddy Do you think we need to run any other test VR test cases for proper regression testing? > Disabling static NAT on many IPs can leave wrong IPs on the router > ------------------------------------------------------------------ > > Key: CLOUDSTACK-9317 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9317 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Management Server, Virtual Router > Affects Versions: 4.7.0, 4.7.1, 4.7.2 > Reporter: Jeff Hair > > The current behavior of enabling or disabling static NAT will call the apply > IP associations method in the management server. The method is not > thread-safe. If it's called from multiple threads, each thread will load up > the list of public IPs in different states (add or revoke)--correct for the > thread, but not correct overall. Depending on execution order on the virtual > router, the router can end up with public IPs assigned to it that are not > supposed to be on it anymore. When another account acquires the same IP, this > of course leads to network problems. > The problem has been in CS since at least 4.2, and likely affects all > recently released versions. Affected version is set to 4.7.x because that's > what we verified against. -- This message was sent by Atlassian JIRA (v6.3.4#6332)