Bug 1744528 - Make free IP ping optional
Summary: Make free IP ping optional
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: DHCP & DNS
Version: 6.5.0
Hardware: All
OS: Linux
unspecified
high
Target Milestone: 6.7.0
Assignee: Lukas Zapletal
QA Contact: Radovan Drazny
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-08-22 10:49 UTC by Varatharaja Perumal G
Modified: 2020-04-14 13:25 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-04-14 13:25:28 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Foreman Issue Tracker 27692 Normal Closed Make free IP ping optional 2020-05-19 15:58:34 UTC
Red Hat Product Errata RHSA-2020:1454 None None None 2020-04-14 13:25:45 UTC

Description Varatharaja Perumal G 2019-08-22 10:49:39 UTC
Description of problem:

When we have the DHCP capsule server behind a firewall and the requests from port 7 which is used for checking the TCP pingable on free IP is refused. Satellite considers the IP address is used and it failed to provide the free IP (autosuggest). 

Version-Release number of selected component (if applicable):

Red Hat Satellite 6.4

Actual results:

Satellite capsule failed to provide free IP.

Expected results:

Satellite should use ping if it fails with TCP.

Additional info:

pingable code file:-
"/usr/share/foreman-proxy/modules/dhcp_common/free_ips.rb"

~~~

logger.debug "Searching for free IP - pinging #{possible_ip}."
          if tcp_pingable?(possible_ip) || icmp_pingable?(possible_ip)
            logger.debug "Found a pingable IP(#{possible_ip}) address
which does not have a Proxy::DHCP record."
          else
            logger.debug "Found free IP #{possible_ip} out of a total
of #{num_of_addresses} free IPs."
            return possible_ip
          end

~~~

As the connection is refused satellite consider the IPs is pingable
even if its free.

Tested modified code:-

~~~

          logger.debug "Searching for free IP - pinging #{possible_ip}."
          if !tcp_pingable?(possible_ip)
            logger.debug "Found free IP #{possible_ip} out of a total
of #{num_of_addresses} free IPs."
            return possible_ip
          elsif !icmp_pingable?(possible_ip)
            logger.debug "Found free IP #{possible_ip} out of a total
of #{num_of_addresses} free IPs."
            return possible_ip
          else
            logger.debug "Found a pingable IP(#{possible_ip}) address
which does not have a Proxy::DHCP record."
          end
~~~

Comment 3 Lukas Zapletal 2019-08-23 13:02:14 UTC
Valid backlog item. Workaround: Remove the code which performs the pings completely.

Comment 4 Lukas Zapletal 2019-08-23 13:08:25 UTC
Created redmine issue https://projects.theforeman.org/issues/27692 from this bug

Comment 5 Bryan Kearney 2019-08-23 14:02:04 UTC
Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/27692 has been resolved.

Comment 6 Radovan Drazny 2020-02-05 16:45:24 UTC
Tested on Sat 6.7 Snap 10 using following steps: 
1. create an isolated network managed by a separate capsule with DHCP enabled, with a very small DHCP range (e.g. a pool of 5 addresses) 
2. connect a client to the network and manually assign an address (which is not leased out by the DHCP server, of course) from the DHCP range to it
3. run a manual creation of a new host on the Satellite, assign the host to the isolated network, and click the "Suggest new" link a few times.

With ping_free_ip: true
Satellite will suggest addresses not leased out by the DHCP server, and WILL NOT suggest the address manually assigned in the step 2, because it has been pinged and determined as taken in the real-time. 

With ping_free_ip: false
Satellite will suggest addresses not leased out by the DHCP server, and WILL suggest the address manually assigned in the step 2, because the DHCP db is its only source of info, and no checking pings are made.

Comment 9 errata-xmlrpc 2020-04-14 13:25:28 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:1454


Note You need to log in before you can comment on or make changes to this bug.