[Openstack] Duplicate ICMP due to public interface bridge being placed in promiscus mode

Shyam Kaushik shyam at zadarastorage.com
Fri Oct 14 12:59:45 UTC 2011


*Hi Vish,*



In our openstack deployment we observe this:



Since linux_net.py/initialize_gateway_device() does this

    # NOTE(vish): If the public interface is the same as the

    #             bridge, then the bridge has to be in promiscuous

    #             to forward packets properly.

    if(FLAGS.public_interface == dev):

        _execute('ip', 'link', 'set',

                     'dev', dev, 'promisc', 'on', run_as_root=True)





Any VM spawned on the cloud controller node if it sends an ICMP ping to an
external network gets duplicate replies (i.e. there are 2 replies for the
same ICMP request). For VM’s spawned on any other non-cloud controller this
doesn’t happen.



If we turn of promiscus mode on the bridge, the VM on cloud controller
doesn’t see the duplicate replies, but VM’s on non-cloud controller cannot
reach external network.



Question to you is, is this duplicate ICMP replies expected for VM’s running
on cloud controller due to above logic?



--Shyam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20111014/cbfa24a7/attachment.html>


More information about the Openstack mailing list