From c0fb9be02a195bed76de4772c56934b2dd1e123a Mon Sep 17 00:00:00 2001
From: Kelven Yang
Date: Tue, 18 Jan 2011 16:14:56 -0800
Subject: [PATCH] Turn on rp_filter default to disable for console proxy VM, avoid explcit route conflict in DomR
---
 server/src/com/cloud/configuration/Config.java | 2 +-
 .../VirtualNetworkApplianceManagerImpl.java | 17 +++++++++++++++--
 2 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/server/src/com/cloud/configuration/Config.java b/server/src/com/cloud/configuration/Config.java
index 42c563f1253..dc32b45da9f 100755
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@@ -99,7 +99,7 @@ public enum Config {
 ConsoleProxyRamSize("Console Proxy", AgentManager.class, Integer.class, "consoleproxy.ram.size", "1024", "RAM size (in MB) used to create new console proxy VMs", null),
 ConsoleProxySessionMax("Console Proxy", AgentManager.class, Integer.class, "consoleproxy.session.max", "50", "The max number of viewer sessions console proxy is configured to serve for", null),
 ConsoleProxySessionTimeout("Console Proxy", AgentManager.class, Integer.class, "consoleproxy.session.timeout", "300000", "Timeout(in milliseconds) that console proxy tries to maintain a viewer session before it times out the session for no activity", null),
- ConsoleProxyDisableRpFilter("Console Proxy", AgentManager.class, Integer.class, "consoleproxy.disable.rpfilter", "false", "disable rp_filter on console proxy VM public interface", null),
+ ConsoleProxyDisableRpFilter("Console Proxy", AgentManager.class, Integer.class, "consoleproxy.disable.rpfilter", "true", "disable rp_filter on console proxy VM public interface", null),
 // ConsoleProxyURLPort("Console Proxy", ManagementServer.class, Integer.class, "consoleproxy.url.port", "80", "Console proxy port for AJAX viewer", null),
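Review bot: The `ConsoleProxyDisableRpFilter` entry is declared with `Integer.class` while its default is the string `"true"`, so the declared type and the value disagree. How the setting is parsed is outside this hunk, but any type-driven validation of configuration values would presumably reject or misread it. Changing `Integer.class` to `Boolean.class` on that entry would match the value. Because the new default switches off reverse-path source validation on the public interface of every console proxy VM, the description string should state the trade-off, for example `"disable rp_filter (reverse-path source address check) on console proxy VM public interface; set to false to keep the check enabled"`. The `Config` enum starts and ends outside the hunk.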
diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
index b0c0249f780..b62f83b48bf 100644
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
@@ -1104,10 +1104,23 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
 buf.append(" localgw=").append(dest.getPod().getGateway());
 managementNic = nic;
 } else if (nic.getTrafficType() == TrafficType.Control) {
+ // DOMR control command is sent over management server in VMware
 if (dest.getHost().getHypervisorType() == HypervisorType.VmWare) {
- buf.append(" mgmtcidr=").append(_mgmt_host);
- buf.append(" localgw=").append(dest.getPod().getGateway());
+ if(s_logger.isInfoEnabled())
+ s_logger.info("Check if we need to add management server explicit route to DomR. pod cidr: " + dest.getPod().getCidrAddress() + "/" + dest.getPod().getCidrSize() + ", pod gateway: " + dest.getPod().getGateway() + ", management host: " + _mgmt_host);
+
+ if(!NetUtils.sameSubnetCIDR(_mgmt_host, dest.getPod().getGateway(), dest.getPod().getCidrSize())) {
+ if(s_logger.isInfoEnabled())
+ s_logger.info("Add management server explicit route to DomR.");
+
+ buf.append(" mgmtcidr=").append(_mgmt_host);
+ buf.append(" localgw=").append(dest.getPod().getGateway());
+ } else {
+ if(s_logger.isInfoEnabled())
+ s_logger.info("Management server host is at same subnet at pod private network, don't add explict route to DomR");
+ }
 }
 controlNic = nic;
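Review bot: The `NetUtils.sameSubnetCIDR(_mgmt_host, dest.getPod().getGateway(), dest.getPod().getCidrSize())` test now decides whether the DomR is given `mgmtcidr`/`localgw`, yet `_mgmt_host` reaches it unchecked; nothing in the hunk shows that it is non-null and an IP literal rather than a hostname. How `sameSubnetCIDR` treats such input is not visible here, but an exception would presumably abort router start, and a `true` result would silently omit the route that the VMware control path relies on. I would check `_mgmt_host` before the comparison, log at warn level when it cannot be evaluated, and keep the previous behaviour of appending the route in that case. The three unbraced `if(s_logger.isInfoEnabled())` guards should get braces, e.g. `if (s_logger.isInfoEnabled()) { s_logger.info("Add management server explicit route to DomR."); }`, and the last message has wording slips ("at same subnet at", "explict"). The enclosing method starts before and continues after the hunk.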