Bug 1420032 - CIDR prefix of multicast group should be 224.0.0.0/4
Summary: CIDR prefix of multicast group should be 224.0.0.0/4
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 3.5.0
Hardware: Unspecified
OS: Linux
unspecified
medium
Target Milestone: ---
: ---
Assignee: Ben Bennett
QA Contact: Meng Bo
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-02-07 16:09 UTC by Weibin Liang
Modified: 2017-07-24 14:11 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: We had the wrong CIDR for multicast addreses Consequence: Addresses that were in the mis-claimed portion were treated incorrectly as multicast and would not work. Fix: This fixes the range to be the IETF assigned one (per RFC 5771). Result: Addresses that were in the wrong portion of the range now work
Clone Of:
Environment:
Last Closed: 2017-04-12 19:12:06 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Origin (Github) 12852 0 None None None 2017-02-07 16:26:32 UTC
Red Hat Product Errata RHBA-2017:0884 0 normal SHIPPED_LIVE Red Hat OpenShift Container Platform 3.5 RPM Release Advisory 2017-04-12 22:50:07 UTC

Description Weibin Liang 2017-02-07 16:09:33 UTC
Description of problem:
IPv4 multicast addresses are defined by the leading address bits of 1110, originating from the classful network design of the early Internet when this group of addresses was designated as Class D. The Classless Inter-Domain Routing (CIDR) prefix of this group is 224.0.0.0/4. The group includes the addresses from 224.0.0.0 to 239.255.255.255. Address assignments from within this range are specified in RFC 5771, an Internet Engineering Task Force (IETF) Best Current Practice document (BCP 51).

Right now we use 224.0.0.0/3 in ovs rules.

Version-Release number of selected component (if applicable):
oc v3.5.0.16+a26133a
kubernetes v1.5.2+43a9be4
openshift v3.5.0.16+a26133a
kubernetes v1.5.2+43a9be4

How reproducible:
Every time

Steps to Reproduce:
1. oc project default
2. oc annotate netnamespace default netnamespace.network.openshift.io/multicast-enabled=true
3. oc create -f https://raw.githubusercontent.com/weliang1/Openshift_Networking/master/OSE3.3/multicast.json
4. Log into one node.
[root@ip-172-18-11-52 ~]# ovs-ofctl -O openflow13 dump-flows br0 | grep 224
 cookie=0x0, duration=806.019s, table=0, n_packets=0, n_bytes=0, priority=250,ip,in_port=2,nw_dst=224.0.0.0/3 actions=drop
 cookie=0x0, duration=806.037s, table=0, n_packets=0, n_bytes=0, priority=200,ip,in_port=1,nw_src=10.128.0.0/14,nw_dst=224.0.0.0/3 actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_REG0[],goto_table:10
 cookie=0x0, duration=805.798s, table=30, n_packets=0, n_bytes=0, priority=50,ip,in_port=1,nw_dst=224.0.0.0/3 actions=goto_table:120
 cookie=0x0, duration=805.796s, table=30, n_packets=0, n_bytes=0, priority=25,ip,nw_dst=224.0.0.0/3 actions=goto_table:110
[root@ip-172-18-11-52 ~]# 


Actual results:
224.0.0/3


Expected results:
224.0.0.0/4

Additional info:

Comment 1 openshift-github-bot 2017-02-08 09:32:20 UTC
Commit pushed to master at https://github.com/openshift/origin

https://github.com/openshift/origin/commit/44bb9b71c362834f0f172f5a17558a4f99a64cbe
Fixed the multicast CIDR (was 224.0.0.0/3 not /4)

We had the wrong CIDR for multicast addreses.  This fixes the range to
be the IETF assigned one (per RFC 5771).

Fixes bug 1420032 (https://bugzilla.redhat.com/show_bug.cgi?id=1420032)

Comment 3 Weibin Liang 2017-02-09 15:41:25 UTC
Test passed in oc v3.5.0.18+9a5d1aa


Test results:
[root@dhcp-41-55 ~]# ovs-ofctl -O openflow13 dump-flows br0 | grep 224.
 cookie=0x0, duration=300.924s, table=0, n_packets=0, n_bytes=0, priority=250,ip,in_port=2,nw_dst=224.0.0.0/4 actions=drop
 cookie=0x0, duration=300.933s, table=0, n_packets=0, n_bytes=0, priority=200,ip,in_port=1,nw_src=10.128.0.0/14,nw_dst=224.0.0.0/4 actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_REG0[],goto_table:10
 cookie=0x0, duration=300.867s, table=30, n_packets=0, n_bytes=0, priority=50,ip,in_port=1,nw_dst=224.0.0.0/4 actions=goto_table:120
 cookie=0x0, duration=300.864s, table=30, n_packets=0, n_bytes=0, priority=25,ip,nw_dst=224.0.0.0/4 actions=goto_table:110

Comment 5 errata-xmlrpc 2017-04-12 19:12:06 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:0884


Note You need to log in before you can comment on or make changes to this bug.