[Openstack-operators] Please help!!!!Openvswitch attacked by ICMP!!!!!!!

applyhhj applyhhj at 163.com
Thu Sep 17 14:55:06 UTC 2015


Hi,
I followed The Guidance and tried to configure openvswitch(OVS) service. I first created a bridge br-ex and then added eth2 to the bridge. After that I set the IP of eth2 to 0.0.0.0 and then reboot the system. However br-ex was not up when system launched. So I turned on br-ex manually and then restart the network, but br-ex could not get ip from dhcp server. Thus I used “dhclient br-ex” to manually acquire IP. Well till then everything worked fine, but in the evening the Network Node was continuously attacked by ICMP package. Iptraf showed the following messages:
 
x ICMP time excd (56 bytes) from 4.69.143.125 to 166.111.61.xx on eth2                                                                                                                      
x ICMP dest unrch (host comm denied) (576 bytes) from 176.32.36.23 to 166.111.61.xxx on eth2                                                                                                
x ICMP dest unrch (host comm denied) (576 bytes) from 176.32.36.23 to 166.111.61.xx on eth2                                                                                                 
x ICMP dest unrch (host) (100 bytes) from 59.66.96.226 to 166.111.61.xx on eth2                                                                                                            
x ICMP time excd (56 bytes) from 4.69.143.125 to 166.111.61.xx on eth2                                                                                                                      
x ICMP dest unrch (host comm denied) (576 bytes) from 176.32.36.23 to 166.111.61.xxx on eth2                                                                                                
x ICMP dest unrch (host comm denied) (576 bytes) from 176.32.36.23 to 166.111.61.xx on eth2                                                                                                 
x ICMP dest unrch (host) (100 bytes) from 59.66.96.226 to 166.111.61.x on eth2                                                                                                            
x ICMP time excd (56 bytes) from 4.69.143.125 to 166.111.61.63 on eth2                                                                                                                      
x ICMP dest unrch (host comm denied) (576 bytes) from 176.32.36.23 to 166.111.61.xx on eth2                                                                                                
x ICMP dest unrch (host comm denied) (576 bytes) from 176.32.36.23 to 166.111.61.xxx on eth2                                                                                                 
x ICMP dest unrch (host) (100 bytes) from 59.66.96.226 to 166.111.61.xx on eth2                                                                                                            
x ICMP time excd (56 bytes) from 4.69.143.125 to 166.111.61.x on eth2
 
My ip is none of the above ones. The download speed in system monitor went up to 3m/s or even higher to 8m/s. I tried to use iptables and ebtable to filter icmp packages and also set icmp_echo_ignore_all to drop all icmp pacakges. But, unfortunately, nothing works. As long as I deleted eth2 from br-ex or brought down br-ex, the network went back normal.If you have any idea, please help me. I have been stuck here for several days. Thank you very much!!
 
Regards!
hjh


2015-09-17



applyhhj
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150917/840e4e80/attachment.html>


More information about the OpenStack-operators mailing list