[Openstack] Please help!!!!Openvswitch attacked by ICMP!!!!!!!
applyhhj
applyhhj at 163.com
Thu Sep 17 14:53:51 UTC 2015
Hi,
I followed The Guidance and tried to configure openvswitch(OVS) service. I first created a bridge br-ex and then added eth2 to the bridge. After that I set the IP of eth2 to 0.0.0.0 and then reboot the system. However br-ex was not up when system launched. So I turned on br-ex manually and then restart the network, but br-ex could not get ip from dhcp server. Thus I used “dhclient br-ex” to manually acquire IP. Well till then everything worked fine, but in the evening the Network Node was continuously attacked by ICMP package. Iptraf showed the following messages:
x ICMP time excd (56 bytes) from 4.69.143.125 to 166.111.61.xx on eth2
x ICMP dest unrch (host comm denied) (576 bytes) from 176.32.36.23 to 166.111.61.xxx on eth2
x ICMP dest unrch (host comm denied) (576 bytes) from 176.32.36.23 to 166.111.61.xx on eth2
x ICMP dest unrch (host) (100 bytes) from 59.66.96.226 to 166.111.61.xx on eth2
x ICMP time excd (56 bytes) from 4.69.143.125 to 166.111.61.xx on eth2
x ICMP dest unrch (host comm denied) (576 bytes) from 176.32.36.23 to 166.111.61.xxx on eth2
x ICMP dest unrch (host comm denied) (576 bytes) from 176.32.36.23 to 166.111.61.xx on eth2
x ICMP dest unrch (host) (100 bytes) from 59.66.96.226 to 166.111.61.x on eth2
x ICMP time excd (56 bytes) from 4.69.143.125 to 166.111.61.63 on eth2
x ICMP dest unrch (host comm denied) (576 bytes) from 176.32.36.23 to 166.111.61.xx on eth2
x ICMP dest unrch (host comm denied) (576 bytes) from 176.32.36.23 to 166.111.61.xxx on eth2
x ICMP dest unrch (host) (100 bytes) from 59.66.96.226 to 166.111.61.xx on eth2
x ICMP time excd (56 bytes) from 4.69.143.125 to 166.111.61.x on eth2
My ip is none of the above ones. The download speed in system monitor went up to 3m/s or even higher to 8m/s. I tried to use iptables and ebtable to filter icmp packages and also set icmp_echo_ignore_all to drop all icmp pacakges. But, unfortunately, nothing works. As long as I deleted eth2 from br-ex or brought down br-ex, the network went back normal.If you have any idea, please help me. I have been stuck here for several days. Thank you very much!!
Regards!
hjh
2015-09-17
applyhhj
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20150917/eef02d33/attachment.html>
More information about the Openstack
mailing list