Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 298831

Summary: magmamsg doesn't work if route is incorrect
Product: [Retired] Red Hat Cluster Suite Reporter: Lon Hohberger <lhh>
Component: magmaAssignee: Lon Hohberger <lhh>
Status: CLOSED ERRATA QA Contact: Cluster QE <mspqa-list>
Severity: low Docs Contact:
Priority: low    
Version: 4CC: cluster-maint, ttracy
Target Milestone: ---Keywords: ZStream
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHBA-2007-1035 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-11-21 21:53:43 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 298861, 354391, 362611    
Attachments:
Description Flags
Magma patch - applications should call msg_set_nodeid() prior to msg_open if they use 'members_only' when doing msg_accept
none
Adds ipv6 support none

Description Lon Hohberger 2007-09-20 18:38:58 UTC 
Description of problem:

If multiple IP addresses are bound to the same interface on the same subnet as
the primary cluster communications path, an incorrect routing configuration will
cause magmamsg (and therefore, other applications like rgmanager and ccsd) to
not function correctly.

For example:

   eth0   192.168.78.1
   eth0:1 192.168.78.10

If the cluster's hostname resolves to 192.168.78.1 - but the kernel routes
packets via the 192.168.78.0/24 subnet out via .10, the other members of the
cluster will deny the connection because .10 is does not match a cluster
member's IP address.

There are two solutions: DNS aliasing and this fix, which requires minor changes
to applications which use magmamsg.

Version-Release number of selected component (if applicable): 1.0.7-1
How reproducible: 100%
Steps to Reproduce:  As described
Comment 1 Lon Hohberger 2007-09-20 18:38:58 UTC 
Created attachment 201151 [details]
Magma patch - applications should call msg_set_nodeid() prior to msg_open if they use 'members_only' when doing msg_accept
Comment 3 Lon Hohberger 2007-10-25 22:57:27 UTC 
Adding 338511 as a blocker for this bug.   It's the same problem, but in the DLM.
Comment 4 Lon Hohberger 2007-10-26 15:33:39 UTC 
You can tinker around this using IPtables too.  On *all* nodes, do something like:

iptables -t nat -A POSTROUTING -s <cluster_subnet/mask> \
         -m tcp -p tcp -d <node_1_ip_addr> \
         -j SNAT --to-source <my_cluster_ip>
iptables -t nat -A POSTROUTING -s <cluster_subnet/mask> \
         -m tcp -p tcp -d <node_1_ip_addr> \
         -j SNAT --to-source <my_cluster_ip>
...
iptables -t nat -A POSTROUTING -s <cluster_subnet/mask> \
         -m tcp -p tcp -d <node_N_ip_addr> \
         -j SNAT --to-source <my_cluster_ip>

Ex:

[root@et-virt09 ~]# iptables -t nat -A POSTROUTING -s 192.168.76.0/22 \
                   -m tcp -p tcp -d 192.168.79.125 \
                   -j SNAT --to-source 192.168.79.94
Comment 5 Lon Hohberger 2007-10-26 15:54:55 UTC 
Created attachment 239241 [details]
Adds ipv6 support

Supplants old patch
Comment 10 errata-xmlrpc 2007-11-21 21:53:43 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2007-1035.html