Uploaded image for project: 'CloudStack'
  1. CloudStack
  2. CLOUDSTACK-8945

rp_filter=1 not set on VPC private gateway initially, but is set after restart of VPC router

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 4.4.4
    • Fix Version/s: None
    • Component/s: Virtual Router
    • Security Level: Public (Anyone can view this level - this is the default.)
    • Labels:
      None

      Description

      (on ACS4.4.4 with XenServer as hypervisor)
      Steps to reproduce:
      -create VPC router
      -Create private gateway on VPC router
      -now log on to the rVM via the hypervisor's link-local address
      root@r-46771-VM:~# sysctl net.ipv4.conf.eth2.rp_filter
      net.ipv4.conf.eth2.rp_filter = 0

      Restart the rVM via CloudStack (NOT restart VPC but restart the underlying router via CloudStack)

      -log on again:
      root@r-46771-VM:~# sysctl net.ipv4.conf.eth2.rp_filter
      net.ipv4.conf.eth2.rp_filter = 1

      The issue thus is that on initial creation it is not set, where it should be set immediately

      Note: when adding a regular network tier to the VPC config, that new interface IS configured with rp_filter=1. So it is limited to the private gateway NIC.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              aopgenoort Anton Opgenoort
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated: