[jira] [Commented] (CLOUDSTACK-9317) Disabling static NAT on many IPs can leave wrong IPs on the router

Sat, 04 Feb 2017 08:05:12 -0800 

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9317?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15852834#comment-15852834
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9317:
--------------------------------------------

Github user remibergsma commented on a diff in the pull request:

    https://github.com/apache/cloudstack/pull/1908#discussion_r99469241
  
    --- Diff: core/src/com/cloud/agent/api/routing/NetworkElementCommand.java 
---
    @@ -38,6 +38,7 @@
         public static final String VPC_PRIVATE_GATEWAY = "vpc.gateway.private";
         public static final String FIREWALL_EGRESS_DEFAULT = 
"firewall.egress.default";
         public static final String ROUTER_MONITORING_ENABLE = 
"router.monitor.enable";
    +    public static final String NETWORK_PUB_LAST_IP = 
"newtork.public.last.ip";
    --- End diff --
    
    typo?


> Disabling static NAT on many IPs can leave wrong IPs on the router
> ------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-9317
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9317
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Management Server, Virtual Router
>    Affects Versions: 4.7.0, 4.7.1, 4.7.2
>            Reporter: Jeff Hair
>
> The current behavior of enabling or disabling static NAT will call the apply 
> IP associations method in the management server. The method is not 
> thread-safe. If it's called from multiple threads, each thread will load up 
> the list of public IPs in different states (add or revoke)--correct for the 
> thread, but not correct overall. Depending on execution order on the virtual 
> router, the router can end up with public IPs assigned to it that are not 
> supposed to be on it anymore. When another account acquires the same IP, this 
> of course leads to network problems.
> The problem has been in CS since at least 4.2, and likely affects all 
> recently released versions. Affected version is set to 4.7.x because that's 
> what we verified against.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to