Project

General

Profile

Actions

Bug #4429

closed

duplicated IP addresses across nodes are not accepted, preventing to handle NAT

Added by Christophe Nowicki almost 11 years ago. Updated over 10 years ago.

Status:
Released
Priority:
2
Category:
Web - Nodes & inventories
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

Hi,

When I try to add host with and duplicated IP (some of our host are NATed (RFC1918))
and I would to manage host with duplicated IP address and unique UUID with rudder.

Best Regards,


Files

dup_ip.png (47.3 KB) dup_ip.png Christophe Nowicki, 2014-01-31 11:49

Related issues 1 (0 open1 closed)

Related to Rudder - Bug #4442: cf-serverd looks up reverse DNS for ALL nodes at start upReleasedJonathan CLARKE2014-02-05Actions
Actions #1

Updated by François ARMAND almost 11 years ago

It could be an other instance of http://www.rudder-project.org/redmine/issues/3924

Does comments on that ticket seems to feet your use case ?

Actions #2

Updated by Christophe Nowicki almost 11 years ago

François ARMAND wrote:

It could be an other instance of http://www.rudder-project.org/redmine/issues/3924

Does comments on that ticket seems to feet your use case ?

Hi François,

What do you check :

1/ The IP address is unique ?

2/ The IP address is in the allowed network range ?

3/ ?

In our case all the the hosts have and unique UUID and the same IP address.

Thanks

Actions #3

Updated by François ARMAND almost 11 years ago

The UUID is not taken into account here.

So, to answer your question, we are checking the uniqueness of the IP address. If you have two nodes with exactly the same IP, CFEngine server won't be able to know what is the hostname of the node. Or all your node also have the same hostname ? If that is the case, I'm pretty sure we don't support that use case for now, I will need the help of a more ops guy to help understand it.

Well, there is one case that I think we missed: in the case of relay server (each relay server can talk to a local net), it is completly legit to have two nodes with the same ip and different hostname. So we should check the uniquness of the couple (ip, policy server id).

Actions #4

Updated by Nicolas CHARLES almost 11 years ago

  • Category set to Web - Nodes & inventories
  • Status changed from New to In progress
  • Assignee set to Nicolas CHARLES
  • Target version set to 2.10.0~beta1
Actions #5

Updated by Nicolas CHARLES almost 11 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Nicolas CHARLES to François ARMAND
  • Pull Request set to https://github.com/Normation/rudder/pull/452
Actions #6

Updated by François ARMAND almost 11 years ago

  • Subject changed from Duplicated IP address / NAT handling to Duplicated IP address must be accepted to allow NAT handling
Actions #7

Updated by François ARMAND almost 11 years ago

The correction here is to remove the special check that we added in Rudder UI to forbid duplicated IPs in authrozied networks.

This not sufficient to allow a working NATted network, see: #4442

Actions #8

Updated by François ARMAND almost 11 years ago

  • Status changed from Pending technical review to Discussion
  • Assignee changed from François ARMAND to Nicolas CHARLES
  • Priority changed from N/A to 2

Is this really a bug ? If so, shouldn't it be targeted to 2.6 ?

Actions #9

Updated by Nicolas CHARLES almost 11 years ago

i guess it's too big a change of behaviour to be changed in a stable version (we are basically moving from : you can't have twice the same ip, which is convenient if you duplicated VMs and don't check their IP configuration) to you can have twice the same IP

Not that relay server where introduced in 2.8, so there can't be cases in 2.6 when duplicate ip would make sense

Actions #10

Updated by Jonathan CLARKE almost 11 years ago

  • Tracker changed from Bug to User story
  • Subject changed from Duplicated IP address must be accepted to allow NAT handling to Allow duplicated IP addresses across nodes to allow NAT handling
  • Status changed from Discussion to 10
Actions #11

Updated by Jonathan CLARKE almost 11 years ago

  • Status changed from 10 to 12
Actions #12

Updated by Nicolas CHARLES almost 11 years ago

  • Status changed from 12 to Pending release
  • % Done changed from 0 to 100
Actions #13

Updated by Anonymous almost 11 years ago

Actions #14

Updated by Vincent MEMBRÉ almost 11 years ago

  • Tracker changed from User story to Bug
Actions #15

Updated by Vincent MEMBRÉ almost 11 years ago

  • Pull Request set to https://github.com/Normation/rudder/pull/452
Actions #16

Updated by Vincent MEMBRÉ almost 11 years ago

  • Subject changed from Allow duplicated IP addresses across nodes to allow NAT handling to duplicated IP addresses across nodes are not accepted, preventing to handle NAT
Actions #17

Updated by Vincent MEMBRÉ over 10 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 2.10.0~beta1, which was released today.
Check out:

The release announcement: http://www.rudder-project.org/pipermail/rudder-announce/2014-March/000084.html
The full ChangeLog: http://www.rudder-project.org/foswiki/bin/view/System/Documentation:ChangeLog210
Download information: https://www.rudder-project.org/site/get-rudder/downloads/
Actions

Also available in: Atom PDF