[Openstack] Duplicate ICMP due to public interface bridge being placed in promiscus mode
Adrian_F_Smith at Dell.com
Adrian_F_Smith at Dell.com
Fri Oct 14 15:01:49 UTC 2011
FWIW I've tested the setup you describe and I'm not seeing duplicate ICMP replies. Unfortunately I can't offer an explanation.
Adrian
From: openstack-bounces+adrian_f_smith=dell.com at lists.launchpad.net [mailto:openstack-bounces+adrian_f_smith=dell.com at lists.launchpad.net] On Behalf Of Shyam Kaushik
Sent: Friday, October 14, 2011 2:00 PM
To: openstack at lists.launchpad.net
Subject: [Openstack] Duplicate ICMP due to public interface bridge being placed in promiscus mode
Hi Vish,
In our openstack deployment we observe this:
Since linux_net.py/initialize_gateway_device()<http://linux_net.py/initialize_gateway_device()> does this
# NOTE(vish): If the public interface is the same as the
# bridge, then the bridge has to be in promiscuous
# to forward packets properly.
if(FLAGS.public_interface == dev):
_execute('ip', 'link', 'set',
'dev', dev, 'promisc', 'on', run_as_root=True)
Any VM spawned on the cloud controller node if it sends an ICMP ping to an external network gets duplicate replies (i.e. there are 2 replies for the same ICMP request). For VM's spawned on any other non-cloud controller this doesn't happen.
If we turn of promiscus mode on the bridge, the VM on cloud controller doesn't see the duplicate replies, but VM's on non-cloud controller cannot reach external network.
Question to you is, is this duplicate ICMP replies expected for VM's running on cloud controller due to above logic?
--Shyam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20111014/c69d016f/attachment.html>
More information about the Openstack
mailing list