From c0b920f740f5e5ba33f0e210caf4642edb2b7224 Mon Sep 17 00:00:00 2001 From: Nicolas Vazquez Date: Tue, 6 Mar 2018 10:56:47 -0300 Subject: [PATCH 1/2] CLOUDSTACK-10274: L2 network refused to be designed on VXLAN physical network (#2448) L2 network refused to be designed on VXLAN physical network. Add fix for vxlan issue. Add condition for L2 networks which do not allow specifying vlan.
---
 .../com/cloud/network/guru/VxlanGuestNetworkGuru.java | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/plugins/network-elements/vxlan/src/com/cloud/network/guru/VxlanGuestNetworkGuru.java b/plugins/network-elements/vxlan/src/com/cloud/network/guru/VxlanGuestNetworkGuru.java
index c065bd191d0..35f588fd567 100644
--- a/plugins/network-elements/vxlan/src/com/cloud/network/guru/VxlanGuestNetworkGuru.java
+++ b/plugins/network-elements/vxlan/src/com/cloud/network/guru/VxlanGuestNetworkGuru.java
@@ -55,11 +55,12 @@ public class VxlanGuestNetworkGuru extends GuestNetworkGuru {
 @Override
 protected boolean canHandle(NetworkOffering offering, final NetworkType networkType, final PhysicalNetwork physicalNetwork) {
 // This guru handles only Guest Isolated network that supports Source nat service
- if (networkType == NetworkType.Advanced && isMyTrafficType(offering.getTrafficType()) && offering.getGuestType() == Network.GuestType.Isolated &&
- isMyIsolationMethod(physicalNetwork)) {
+ if (networkType == NetworkType.Advanced && isMyTrafficType(offering.getTrafficType()) &&
+ (offering.getGuestType() == Network.GuestType.Isolated || offering.getGuestType() == Network.GuestType.L2) &&
+ isMyIsolationMethod(physicalNetwork)) {
 return true;
 } else {
- s_logger.trace("We only take care of Guest networks of type " + GuestType.Isolated + " in zone of type " + NetworkType.Advanced);
+ s_logger.trace("We only take care of Guest networks of type " + GuestType.Isolated + " or " + GuestType.L2 + " in zone of type " + NetworkType.Advanced);
 return false;
 }
 }
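Review bot: The comment at the top of canHandle still says the guru handles only Guest Isolated networks, but the new condition also accepts GuestType.L2, so the comment now contradicts the code. Suggest replacing it with `// This guru handles Guest Isolated and L2 networks in Advanced zones`. The trace message in the else branch is also logged when the traffic-type or isolation-method check fails, yet it names only the guest type and zone type; mentioning the isolation method there would make a rejection easier to diagnose.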
@@ -72,6 +73,10 @@ public class VxlanGuestNetworkGuru extends GuestNetworkGuru { return null; } + if (offering.getGuestType() == GuestType.L2 && network.getBroadcastUri() != null) { + String vxlan = BroadcastDomainType.getValue(network.getBroadcastUri()); + network.setBroadcastUri(BroadcastDomainType.Vxlan.toUri(vxlan)); + } network.setBroadcastDomainType(BroadcastDomainType.Vxlan); return network; From c0440e8124666fe7c642d8875870b7c09b65ce42 Mon Sep 17 00:00:00 2001 From: Rohit Yadav Date: Thu, 8 Mar 2018 10:01:36 +0100 Subject: [PATCH 2/2] CLOUDSTACK-10317: Fix SNAT rules for additional public nics (#2476) * CLOUDSTACK-10317: Fix SNAT rules for additional public nics This allows networks with additional public nics to have correct SNAT iptables rules applied on configuration. Signed-off-by: Rohit Yadav * update based on Wei's suggested change Signed-off-by: Rohit Yadav --- systemvm/debian/opt/cloud/bin/cs/CsAddress.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systemvm/debian/opt/cloud/bin/cs/CsAddress.py b/systemvm/debian/opt/cloud/bin/cs/CsAddress.py index 42992b55123..dbafa1df555 100755 --- a/systemvm/debian/opt/cloud/bin/cs/CsAddress.py +++ b/systemvm/debian/opt/cloud/bin/cs/CsAddress.py @@ -388,7 +388,7 @@ class CsIP: self.fw.append(["mangle", "", "-A VPN_%s -j RETURN" % self.address['public_ip']]) self.fw.append(["nat", "", - "-A POSTROUTING -o eth2 -j SNAT --to-source %s" % self.address['public_ip']]) + "-A POSTROUTING -o %s -j SNAT --to-source %s" % (self.dev, self.cl.get_eth2_ip())]) self.fw.append(["mangle", "", "-A PREROUTING -i %s -m state --state NEW " % self.dev + "-j CONNMARK --set-xmark %s/0xffffffff" % self.dnum])
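Review bot: The value read from the existing broadcast URI in the added `if` block is re-wrapped as a Vxlan URI with no check in this hunk that it is a usable VXLAN network identifier. Nothing here verifies that it is numeric, fits the 24-bit VNI range, or is not already assigned to another network on the same physical network. If the value can originate from the caller's request for an L2 network, validation may already happen earlier in the enclosing method or in its callers, but that is not visible here and should be stated or enforced at this point. At minimum add `// value arrived with the L2 network; assumed validated upstream as a free VNI on this physical network` above the `if`, or reject values that do not parse as an integer in the VNI range. The enclosing method starts and ends outside this hunk.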
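Review bot: The new SNAT rule interpolates the result of `self.cl.get_eth2_ip()` straight into the iptables argument string without checking it. If that call can return None or an empty value (its definition is outside this hunk), the rule would read `--to-source None`, which would presumably fail to load and leave the additional public nic without working SNAT. Suggest reading it once with `eth2_ip = self.cl.get_eth2_ip()` and appending the POSTROUTING rule only under `if eth2_ip:`, logging when it is skipped. The enclosing method begins and ends outside the hunk.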