[
https://issues.apache.org/jira/browse/CLOUDSTACK-8945?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16089745#comment-16089745
]
Boris Stoyanov commented on CLOUDSTACK-8945:
--------------------------------------------
This one is failing test_privategw_acl test in the smoketest suite.
{code}
Boriss-MacBook-Pro:~ bstoyanov$ ssh root@10.1.34.66<mailto:root@10.1.34.66>
root@10.1.34.66<mailto:root@10.1.34.66>'s password:
Last login: Mon Jul 17 08:07:34 2017 from 10.1.0.1
[root@VM-ba2a91c8-af1c-41d1-8cb3-18f599cdc673 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 02:00:08:91:00:01
inet addr:10.0.2.92 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::8ff:fe91:1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3157 errors:0 dropped:0 overruns:0 frame:0
TX packets:268 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:228782 (223.4 KiB) TX bytes:44853 (43.8 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:560 (560.0 b) TX bytes:560 (560.0 b)
{code}
Ping Failed
{code}
[root@VM-ba2a91c8-af1c-41d1-8cb3-18f599cdc673 ~]# ping -c 3 10.0.1.166
PING 10.0.1.166 (10.0.1.166) 56(84) bytes of data.
--- 10.0.1.166 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2000ms
{code}
Restarted both the redundant routers where VM 10.0.1.166 is and was able to
ping the machine from VM 10.0.2.92
{code}
[root@VM-ba2a91c8-af1c-41d1-8cb3-18f599cdc673 ~]# ping -c 3 10.0.1.166
PING 10.0.1.166 (10.0.1.166) 56(84) bytes of data.
64 bytes from 10.0.1.166: icmp_seq=1 ttl=62 time=3.03 ms
64 bytes from 10.0.1.166: icmp_seq=2 ttl=62 time=2.22 ms
64 bytes from 10.0.1.166: icmp_seq=3 ttl=62 time=1.67 ms
--- 10.0.1.166 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 1.673/2.310/3.030/0.557 ms
[root@VM-ba2a91c8-af1c-41d1-8cb3-18f599cdc673 ~]#
{code}
> rp_filter=1 not set on VPC private gateway initially, but is set after
> restart of VPC router
> --------------------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-8945
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8945
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Virtual Router
> Affects Versions: 4.4.4
> Reporter: Anton Opgenoort
>
> (on ACS4.4.4 with XenServer as hypervisor)
> Steps to reproduce:
> -create VPC router
> -Create private gateway on VPC router
> -now log on to the rVM via the hypervisor's link-local address
> root@r-46771-VM:~# sysctl net.ipv4.conf.eth2.rp_filter
> net.ipv4.conf.eth2.rp_filter = 0
> Restart the rVM via CloudStack (NOT restart VPC but restart the underlying
> router via CloudStack)
> -log on again:
> root@r-46771-VM:~# sysctl net.ipv4.conf.eth2.rp_filter
> net.ipv4.conf.eth2.rp_filter = 1
> The issue thus is that on initial creation it is not set, where it should be
> set immediately
> Note: when adding a regular network tier to the VPC config, that new
> interface IS configured with rp_filter=1. So it is limited to the private
> gateway NIC.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
