Hi, after reading and searching the archives (http://mail-archives.apache.org/mod_mbox/cloudstack-users) i found no answer to still existing problems regarding the systemVM (cp and ssvm) which are:
1.) wrong route to public ip of the CS Management server host (public IP) 2.) not setting the right MTU via the global option secstorage.vm.mtu.size (SSVM) There's one thread metioning the MTU problem but i didn't any jira bug reports reagarding it ! Link: https://www.mail-archive.com/users@cloudstack.apache.org/msg20632.html Ad 1.) Checking the up2date git source (line 242 link below), the public interface, which always is "eth2" has been not taken in credit when it comes to the erroneous routing via eth1 (mgmt interface) instead of eth3 (public interface) ! Since the interface order is static why eth2 will not be taken in credit for public internet ? ( see /etc/init.d/cloud-early-config around line 448) The function (addRouteToInternalIp) has to be (addRouteToPublic IP) since, imho, a route to the public ip of the management server will be added and not to the "internal" IP (what that will be ?!?). For me, the function must take eth2 in credit and also check that eth2 is the public network. Setting of mgmt network: management.network.cidr: 10.54.2.0/24 (not taken in credit imho) Log: 2016-12-19 08:54:53,889 DEBUG [resource.consoleproxy.ConsoleProxyResource] (main:null) addRouteToInternalIp: localgw=10.54.2.252, eth1ip=10.54.2.169, eth1mask=255.255.255.0,destIp=xxx.29.149.206 But eth2 is in the same subnet, so there must be no hostroute via the management ip !!! Interface: eth2 Link encap:Ethernet HWaddr 06:0d:fe:00:00:08 inet addr:xxx.29.149.196 Bcast:xxx.29.149.207 Mask:255.255.255.240 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:22290 errors:0 dropped:0 overruns:0 frame:0 TX packets:4472 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1836855 (1.7 MiB) TX bytes:466901 (455.9 KiB) Interrupt:26 So my hotfix w/o altering the java code: (A cronjob check this every minute on both system vms: #!/bin/bash CLOUDSTACK_IP="xxx.29.149.206" IP="/sbin/ip route del" DEBUG=0 ROUTE_EXISTS=$(/sbin/ip route|/bin/grep $CLOUDSTACK_IP) if [ $? -eq 0 ]; then GW=$(echo $ROUTE_EXISTS|/bin/sed 's/.*via \(.*\) dev.*$/\1/g' 2>/dev/null) EXT_IP=$(echo $ROUTE_EXISTS|/bin/sed 's/^\(.*\) via.*$/\1/g' 2>/dev/null) if [ $DEBUG -eq 1 ]; then echo ROUTE EXISTS $ROUTE_EXISTS echo GW $GW echo EXT_IP $EXT_IP fi if [[ ! $GW =~ ^$ && ! $EXT_IP =~ ^$ ]]; then if [ $DEBUG -eq 1 ]; then echo "Will delete erroneous host route" fi $IP $EXT_IP via $GW 2>/dev/null fi fi 2.) secstorage.vm.mtu.size not taken in credit in the ssvm ! My fix: (ssvm) file: /etc/init.d/cloud-early-config (Line 1163) BEFORE: [ -n "$MTU" ] && ifconfig eth3 mtu $MTU && echo " mtu $MTU" >> /etc/network/interfaces AFTER: #[ -n "$MTU" ] && ifconfig eth3 mtu $MTU && echo " mtu $MTU" >> /etc/network/interfaces ifconfig eth3 mtu 9000 && echo " mtu 9000" >> /etc/network/interfaces Have these bugs been fixed in version 4.9.x ? System: CS 4.8.0.1 XEN 6.5.SP1 Best regards Franz
