Bug 298831 - magmamsg doesn't work if route is incorrect
magmamsg doesn't work if route is incorrect
Status: CLOSED ERRATA
Product: Red Hat Cluster Suite
Classification: Red Hat
Component: magma (Show other bugs)
4
All Linux
low Severity low
: ---
: ---
Assigned To: Lon Hohberger
Cluster QE
: ZStream
Depends On:
Blocks: 298861 354391 362611
  Show dependency treegraph
 
Reported: 2007-09-20 14:38 EDT by Lon Hohberger
Modified: 2009-04-16 16:35 EDT (History)
2 users (show)

See Also:
Fixed In Version: RHBA-2007-1035
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-11-21 16:53:43 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Magma patch - applications should call msg_set_nodeid() prior to msg_open if they use 'members_only' when doing msg_accept (3.07 KB, patch)
2007-09-20 14:38 EDT, Lon Hohberger
no flags Details | Diff
Adds ipv6 support (4.97 KB, patch)
2007-10-26 11:54 EDT, Lon Hohberger
no flags Details | Diff

  None (edit)
Description Lon Hohberger 2007-09-20 14:38:58 EDT
Description of problem:

If multiple IP addresses are bound to the same interface on the same subnet as
the primary cluster communications path, an incorrect routing configuration will
cause magmamsg (and therefore, other applications like rgmanager and ccsd) to
not function correctly.

For example:

   eth0   192.168.78.1
   eth0:1 192.168.78.10

If the cluster's hostname resolves to 192.168.78.1 - but the kernel routes
packets via the 192.168.78.0/24 subnet out via .10, the other members of the
cluster will deny the connection because .10 is does not match a cluster
member's IP address.

There are two solutions: DNS aliasing and this fix, which requires minor changes
to applications which use magmamsg.

Version-Release number of selected component (if applicable): 1.0.7-1
How reproducible: 100%
Steps to Reproduce:  As described
Comment 1 Lon Hohberger 2007-09-20 14:38:58 EDT
Created attachment 201151 [details]
Magma patch - applications should call msg_set_nodeid() prior to msg_open if they use 'members_only' when doing msg_accept
Comment 3 Lon Hohberger 2007-10-25 18:57:27 EDT
Adding 338511 as a blocker for this bug.   It's the same problem, but in the DLM.
Comment 4 Lon Hohberger 2007-10-26 11:33:39 EDT
You can tinker around this using IPtables too.  On *all* nodes, do something like:

iptables -t nat -A POSTROUTING -s <cluster_subnet/mask> \
         -m tcp -p tcp -d <node_1_ip_addr> \
         -j SNAT --to-source <my_cluster_ip>
iptables -t nat -A POSTROUTING -s <cluster_subnet/mask> \
         -m tcp -p tcp -d <node_1_ip_addr> \
         -j SNAT --to-source <my_cluster_ip>
...
iptables -t nat -A POSTROUTING -s <cluster_subnet/mask> \
         -m tcp -p tcp -d <node_N_ip_addr> \
         -j SNAT --to-source <my_cluster_ip>

Ex:

[root@et-virt09 ~]# iptables -t nat -A POSTROUTING -s 192.168.76.0/22 \
                   -m tcp -p tcp -d 192.168.79.125 \
                   -j SNAT --to-source 192.168.79.94
Comment 5 Lon Hohberger 2007-10-26 11:54:55 EDT
Created attachment 239241 [details]
Adds ipv6 support

Supplants old patch
Comment 10 errata-xmlrpc 2007-11-21 16:53:43 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2007-1035.html

Note You need to log in before you can comment on or make changes to this bug.