diff --git a/engine/schema/src/main/java/com/cloud/network/vpc/dao/VpcGatewayDao.java b/engine/schema/src/main/java/com/cloud/network/vpc/dao/VpcGatewayDao.java
index e6a72c870b0..4417dfad0a4 100644
--- a/engine/schema/src/main/java/com/cloud/network/vpc/dao/VpcGatewayDao.java
+++ b/engine/schema/src/main/java/com/cloud/network/vpc/dao/VpcGatewayDao.java
@@ -32,4 +32,6 @@ public interface VpcGatewayDao extends GenericDao {
 List listByAclIdAndType(long aclId, VpcGateway.Type type);
 List listByVpcId(long vpcId);
+
+ VpcGatewayVO getVpcGatewayByNetworkId(long networkId);
 }
diff --git a/engine/schema/src/main/java/com/cloud/network/vpc/dao/VpcGatewayDaoImpl.java b/engine/schema/src/main/java/com/cloud/network/vpc/dao/VpcGatewayDaoImpl.java
index 39d33192a09..7d1fa897d2a 100644
--- a/engine/schema/src/main/java/com/cloud/network/vpc/dao/VpcGatewayDaoImpl.java
+++ b/engine/schema/src/main/java/com/cloud/network/vpc/dao/VpcGatewayDaoImpl.java
@@ -89,4 +89,11 @@ public class VpcGatewayDaoImpl extends GenericDaoBase implem
 sc.setParameters("vpcId", vpcId);
 return listBy(sc);
 }
+
+ @Override
+ public VpcGatewayVO getVpcGatewayByNetworkId(long networkId) {
+ SearchCriteria sc = AllFieldsSearch.create();
+ sc.setParameters("networkid", networkId);
+ return findOneBy(sc);
+ }
 }
diff --git a/server/src/main/java/com/cloud/network/NetworkModelImpl.java b/server/src/main/java/com/cloud/network/NetworkModelImpl.java
index b8bd2c38d0d..031b8433165 100644
--- a/server/src/main/java/com/cloud/network/NetworkModelImpl.java
+++ b/server/src/main/java/com/cloud/network/NetworkModelImpl.java
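Review bot: `getVpcGatewayByNetworkId` is added to the `VpcGatewayDao` interface without a Javadoc, so the interface does not say what is returned when no gateway references the network, or when more than one does. The callers added in this commit test the result against null, so I would state that on the declaration: `/** Returns a VPC gateway whose network id is {@code networkId}, or {@code null} if there is none. */`.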
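Review bot: `sc.setParameters("networkid", networkId)` in `VpcGatewayDaoImpl.getVpcGatewayByNetworkId` only works if `AllFieldsSearch` has a condition registered under exactly the key `networkid`, and that registration is not part of this hunk; the neighbouring method uses the camel-case key `vpcId`, so the spelling is worth confirming in the constructor. A wrong key would break every caller of this lookup, including `isPrivateGateway`. `findOneBy` also hands back a single row, so if the invariant is one gateway per network, a comment such as `// a network backs at most one VPC gateway` above the return would record it.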
@@ -94,7 +94,9 @@ import com.cloud.network.element.UserDataServiceProvider;
 import com.cloud.network.rules.FirewallRule.Purpose;
 import com.cloud.network.rules.FirewallRuleVO;
 import com.cloud.network.rules.dao.PortForwardingRulesDao;
+import com.cloud.network.vpc.VpcGatewayVO;
 import com.cloud.network.vpc.dao.PrivateIpDao;
+import com.cloud.network.vpc.dao.VpcGatewayDao;
 import com.cloud.offering.NetworkOffering;
 import com.cloud.offering.NetworkOffering.Detail;
 import com.cloud.offerings.NetworkOfferingServiceMapVO;
@@ -158,6 +160,8 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel, Confi
 NicDao _nicDao = null;
 @Inject
 PodVlanMapDao _podVlanMapDao;
+ @Inject
+ VpcGatewayDao _vpcGatewayDao;
 private List networkElements;
@@ -1780,8 +1784,8 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel, Confi
 @Override
 public boolean isPrivateGateway(long ntwkId) {
- Network network = getNetwork(ntwkId);
- if (network.getTrafficType() != TrafficType.Guest || network.getNetworkOfferingId() != s_privateOfferingId.longValue()) {
+ final VpcGatewayVO gateway = _vpcGatewayDao.getVpcGatewayByNetworkId(ntwkId);
+ if (gateway == null) {
 return false;
 }
 return true;
diff --git a/server/src/main/java/com/cloud/network/router/CommandSetupHelper.java b/server/src/main/java/com/cloud/network/router/CommandSetupHelper.java
index f9ffeb99d67..0fe9dc32c8b 100644
--- a/server/src/main/java/com/cloud/network/router/CommandSetupHelper.java
+++ b/server/src/main/java/com/cloud/network/router/CommandSetupHelper.java
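Review bot: `isPrivateGateway` in the hunk at 1784 now returns true for any row that `getVpcGatewayByNetworkId(ntwkId)` finds and never looks at the gateway's type, although the DAO distinguishes gateways by `VpcGateway.Type` (see `listByAclIdAndType`). If a gateway of another type can reference a network, it would be classified as a private gateway here, and the same lookup drives the traffic-type override in `CommandSetupHelper`; assuming that is not intended, `return gateway != null && gateway.getType() == VpcGateway.Type.Private;` states the condition and replaces the `if`/`return false`/`return true` sequence. The removed code dereferenced the result of `getNetwork(ntwkId)`, so an unknown network id used to fail and now yields false, which deserves a line in the method's documentation.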
@@ -104,7 +104,9 @@ import com.cloud.network.vpc.PrivateIpAddress; import com.cloud.network.vpc.StaticRouteProfile; import com.cloud.network.vpc.Vpc; import com.cloud.network.vpc.VpcGateway; +import com.cloud.network.vpc.VpcGatewayVO; import com.cloud.network.vpc.dao.VpcDao; +import com.cloud.network.vpc.dao.VpcGatewayDao; import com.cloud.offering.NetworkOffering; import com.cloud.offerings.NetworkOfferingVO; import com.cloud.offerings.dao.NetworkOfferingDao; @@ -170,6 +172,8 @@ public class CommandSetupHelper { @Inject private VpcDao _vpcDao; @Inject + private VpcGatewayDao _vpcGatewayDao; + @Inject private VlanDao _vlanDao; @Inject private IPAddressDao _ipAddressDao; @@ -707,7 +711,7 @@ public class CommandSetupHelper { final IpAddressTO ip = new IpAddressTO(ipAddr.getAccountId(), ipAddr.getAddress().addr(), add, firstIP, sourceNat, BroadcastDomainType.fromString(ipAddr.getVlanTag()).toString(), ipAddr.getGateway(), ipAddr.getNetmask(), macAddress, networkRate, ipAddr.isOneToOneNat()); - ip.setTrafficType(network.getTrafficType()); + ip.setTrafficType(getNetworkTrafficType(network)); ip.setNetworkName(_networkModel.getNetworkTag(router.getHypervisorType(), network)); ipsToSend[i++] = ip; if (ipAddr.isSourceNat()) { @@ -823,7 +827,7 @@ public class CommandSetupHelper { final IpAddressTO ip = new IpAddressTO(ipAddr.getAccountId(), ipAddr.getAddress().addr(), add, firstIP, sourceNat, vlanId, vlanGateway, vlanNetmask, vifMacAddress, networkRate, ipAddr.isOneToOneNat()); - ip.setTrafficType(network.getTrafficType()); + ip.setTrafficType(getNetworkTrafficType(network)); ip.setNetworkName(_networkModel.getNetworkTag(router.getHypervisorType(), network)); ipsToSend[i++] = ip; /* 
@@ -948,7 +952,7 @@ public class CommandSetupHelper { final IpAddressTO ip = new IpAddressTO(Account.ACCOUNT_ID_SYSTEM, ipAddr.getIpAddress(), add, false, ipAddr.getSourceNat(), ipAddr.getBroadcastUri(), ipAddr.getGateway(), ipAddr.getNetmask(), ipAddr.getMacAddress(), null, false); - ip.setTrafficType(network.getTrafficType()); + ip.setTrafficType(getNetworkTrafficType(network)); ip.setNetworkName(_networkModel.getNetworkTag(router.getHypervisorType(), network)); ipsToSend[i++] = ip; @@ -1101,4 +1105,14 @@ public class CommandSetupHelper { } return dhcpRange; } + + private TrafficType getNetworkTrafficType(Network network) { + final VpcGatewayVO gateway = _vpcGatewayDao.getVpcGatewayByNetworkId(network.getId()); + if (gateway != null) { + s_logger.debug("network " + network.getId() + " (name: " + network.getName() + " ) is a vpc private gateway, set traffic type to Public"); + return TrafficType.Public; + } else { + return network.getTrafficType(); + } + } } diff --git a/systemvm/debian/opt/cloud/bin/configure.py b/systemvm/debian/opt/cloud/bin/configure.py index 8ce18d49e32..cadb7c54f05 100755 --- a/systemvm/debian/opt/cloud/bin/configure.py +++ b/systemvm/debian/opt/cloud/bin/configure.py @@ -793,6 +793,12 @@ class CsForwardingRules(CsDataBag): return None + def getGuestIpByIp(self, ipa): + for interface in self.config.address().get_interfaces(): + if interface.ip_in_subnet(ipa): + return interface.get_ip() + return None + def getDeviceByIp(self, ipa): for interface in self.config.address().get_interfaces(): if interface.ip_in_subnet(ipa): 
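Review bot: `getNetworkTrafficType` in the hunk at 1105 repeats the lookup that this commit also places behind `NetworkModelImpl.isPrivateGateway`, and `CommandSetupHelper` already holds `_networkModel`; calling `_networkModel.isPrivateGateway(network.getId())` would keep a single definition of "private gateway" and make the new `_vpcGatewayDao` injection unnecessary. All three call sites (`ip.setTrafficType(getNetworkTrafficType(network))` in the hunks at 711, 827 and 952) sit next to `ipsToSend[i++] = ip`, so the query appears to run once per address; the loops themselves are outside the hunks, but where `network` does not change inside the loop the result can be computed once before it. Presenting a guest network to the router as `TrafficType.Public` changes how the router handles those addresses, so the method should carry a comment saying why a private gateway is reported as Public.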
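Review bot: `getGuestIpByIp` in `configure.py` has no docstring, and its name reads as if it returned a guest VM's address, while the body returns `interface.get_ip()` for the first interface whose subnet contains `ipa` and `None` when nothing matches. I would add `"""Return get_ip() of the first interface whose subnet contains ipa, or None if no interface matches."""` and check the wording against what `get_ip()` yields, which is defined outside this hunk. The loop is the same as the one in `getDeviceByIp` directly below it, so the two could share the interface search.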
@@ -930,8 +936,20 @@ class CsForwardingRules(CsDataBag): if not rule["internal_ports"] == "any": fw_output_rule += ":" + self.portsToString(rule["internal_ports"], "-") + fw_postrout_rule2 = "-j SNAT --to-source %s -A POSTROUTING -s %s -d %s/32 -o %s -p %s -m %s --dport %s" % \ + ( + self.getGuestIpByIp(rule['internal_ip']), + self.getNetworkByIp(rule['internal_ip']), + rule['internal_ip'], + self.getDeviceByIp(rule['internal_ip']), + rule['protocol'], + rule['protocol'], + self.portsToString(rule['internal_ports'], ':') + ) + self.fw.append(["nat", "", fw_prerout_rule]) self.fw.append(["nat", "", fw_postrout_rule]) + self.fw.append(["nat", "", fw_postrout_rule2]) self.fw.append(["nat", "", fw_output_rule]) def processStaticNatRule(self, rule):
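Review bot: `fw_postrout_rule2` is built and appended unconditionally, but `getGuestIpByIp` returns `None` when no interface subnet contains `rule['internal_ip']`, which would put the literal text `None` after `--to-source`; the context lines just above also show that `rule["internal_ports"]` can be `"any"`, which would end up after `--dport`. I would guard the new rule with `src_ip = self.getGuestIpByIp(rule['internal_ip'])` followed by `if src_ip is not None and rule['internal_ports'] != "any":` around its construction and its `self.fw.append`. Since the rule rewrites the source address of traffic from the network given by `getNetworkByIp` towards the forwarded VM, that VM will see the `--to-source` address rather than the real client in its logs and address-based access rules; a comment saying this is intended (presumably for access to the forwarded port from inside the same network) would help. The enclosing method starts outside the hunk.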