Bug 1420032

Summary: CIDR prefix of multicast group should be 224.0.0.0/4
Product: OpenShift Container Platform Reporter: Weibin Liang <weliang>
Component: NetworkingAssignee: Ben Bennett <bbennett>
Status: CLOSED ERRATA QA Contact: Meng Bo <bmeng>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 3.5.0CC: aos-bugs, tdawson
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: We had the wrong CIDR for multicast addreses Consequence: Addresses that were in the mis-claimed portion were treated incorrectly as multicast and would not work. Fix: This fixes the range to be the IETF assigned one (per RFC 5771). Result: Addresses that were in the wrong portion of the range now work
 Story Points: ---
Clone Of: Environment:
Last Closed: 2017-04-12 19:12:06 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Weibin Liang 2017-02-07 16:09:33 UTC 
Description of problem:
IPv4 multicast addresses are defined by the leading address bits of 1110, originating from the classful network design of the early Internet when this group of addresses was designated as Class D. The Classless Inter-Domain Routing (CIDR) prefix of this group is 224.0.0.0/4. The group includes the addresses from 224.0.0.0 to 239.255.255.255. Address assignments from within this range are specified in RFC 5771, an Internet Engineering Task Force (IETF) Best Current Practice document (BCP 51).

Right now we use 224.0.0.0/3 in ovs rules.

Version-Release number of selected component (if applicable):
oc v3.5.0.16+a26133a
kubernetes v1.5.2+43a9be4
openshift v3.5.0.16+a26133a
kubernetes v1.5.2+43a9be4

How reproducible:
Every time

Steps to Reproduce:
1. oc project default
2. oc annotate netnamespace default netnamespace.network.openshift.io/multicast-enabled=true
3. oc create -f https://raw.githubusercontent.com/weliang1/Openshift_Networking/master/OSE3.3/multicast.json
4. Log into one node.
[root@ip-172-18-11-52 ~]# ovs-ofctl -O openflow13 dump-flows br0 | grep 224
 cookie=0x0, duration=806.019s, table=0, n_packets=0, n_bytes=0, priority=250,ip,in_port=2,nw_dst=224.0.0.0/3 actions=drop
 cookie=0x0, duration=806.037s, table=0, n_packets=0, n_bytes=0, priority=200,ip,in_port=1,nw_src=10.128.0.0/14,nw_dst=224.0.0.0/3 actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_REG0[],goto_table:10
 cookie=0x0, duration=805.798s, table=30, n_packets=0, n_bytes=0, priority=50,ip,in_port=1,nw_dst=224.0.0.0/3 actions=goto_table:120
 cookie=0x0, duration=805.796s, table=30, n_packets=0, n_bytes=0, priority=25,ip,nw_dst=224.0.0.0/3 actions=goto_table:110
[root@ip-172-18-11-52 ~]# 


Actual results:
224.0.0/3


Expected results:
224.0.0.0/4

Additional info:
Comment 1 openshift-github-bot 2017-02-08 09:32:20 UTC 
Commit pushed to master at https://github.com/openshift/origin

https://github.com/openshift/origin/commit/44bb9b71c362834f0f172f5a17558a4f99a64cbe
Fixed the multicast CIDR (was 224.0.0.0/3 not /4)

We had the wrong CIDR for multicast addreses.  This fixes the range to
be the IETF assigned one (per RFC 5771).

Fixes bug 1420032 (https://bugzilla.redhat.com/show_bug.cgi?id=1420032)
Comment 3 Weibin Liang 2017-02-09 15:41:25 UTC 
Test passed in oc v3.5.0.18+9a5d1aa


Test results:
[root@dhcp-41-55 ~]# ovs-ofctl -O openflow13 dump-flows br0 | grep 224.
 cookie=0x0, duration=300.924s, table=0, n_packets=0, n_bytes=0, priority=250,ip,in_port=2,nw_dst=224.0.0.0/4 actions=drop
 cookie=0x0, duration=300.933s, table=0, n_packets=0, n_bytes=0, priority=200,ip,in_port=1,nw_src=10.128.0.0/14,nw_dst=224.0.0.0/4 actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_REG0[],goto_table:10
 cookie=0x0, duration=300.867s, table=30, n_packets=0, n_bytes=0, priority=50,ip,in_port=1,nw_dst=224.0.0.0/4 actions=goto_table:120
 cookie=0x0, duration=300.864s, table=30, n_packets=0, n_bytes=0, priority=25,ip,nw_dst=224.0.0.0/4 actions=goto_table:110
Comment 5 errata-xmlrpc 2017-04-12 19:12:06 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:0884