[lxc-devel] [lxd/master] Network: Skip lo interface addresses when deriving a fan overlay address

Fri Sep 18 08:15:14 UTC 2020

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 583 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200918/67e3da0f/attachment.bin>
-------------- next part --------------
From ac51668c673b6957712564fcfcc03e79bee14752 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Fri, 18 Sep 2020 09:01:40 +0100
Subject: [PATCH 1/2] Revert "lxd/network/driver/bridge: Exclude /32 underlay
 addresses from overlay address generation"

This reverts commit 602ecadd3c7a1286bf2d1245394f06824c712394.

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 lxd/network/driver_bridge.go | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/lxd/network/driver_bridge.go b/lxd/network/driver_bridge.go
index 4faa707f7b..addbc65447 100644
--- a/lxd/network/driver_bridge.go
+++ b/lxd/network/driver_bridge.go
@@ -1824,18 +1824,11 @@ func (n *bridge) addressForSubnet(subnet *net.IPNet) (net.IP, string, error) {
 		}
 
 		for _, addr := range addrs {
-			ip, network, err := net.ParseCIDR(addr.String())
+			ip, _, err := net.ParseCIDR(addr.String())
 			if err != nil {
 				continue
 			}
 
-			// Skip /32 addresses on interfaces in case VIPs are being used on a different interface
-			// than the intended underlay subnet interface.
-			maskOnes, maskSize := network.Mask.Size()
-			if maskOnes == 32 && maskSize == 32 {
-				continue
-			}
-
 			if subnet.Contains(ip) {
 				return ip, iface.Name, nil
 			}

From 158d5a7a4d31b809cf994c08c948d2348e82005a Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Fri, 18 Sep 2020 09:05:27 +0100
Subject: [PATCH 2/2] lxd/network/driver/bridge: Skip lo interface when
 generating fan overlay address in addressForSubnet

Avoids detecting the incorrect fan underlay address when /32 VIPs from the underlay subnet are added to the lo interface.

Also avoids breaking GCP setups that use /32 on the main network underlay interface.

Fixes https://discuss.linuxcontainers.org/t/delete-a-stopped-container-bring-down-the-fan-interface/8803
Fixes https://discuss.linuxcontainers.org/t/lxd-container-stuck-in-running-without-ip-address/8973

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 lxd/network/driver_bridge.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lxd/network/driver_bridge.go b/lxd/network/driver_bridge.go
index addbc65447..42c10c9814 100644
--- a/lxd/network/driver_bridge.go
+++ b/lxd/network/driver_bridge.go
@@ -1818,6 +1818,12 @@ func (n *bridge) addressForSubnet(subnet *net.IPNet) (net.IP, string, error) {
 	}
 
 	for _, iface := range ifaces {
+		// Skip addresses on lo interface in case VIPs are being used on that interface that are part of
+		// the underlay subnet as is unlikely to be the actual intended underlay subnet interface.
+		if iface.Name == "lo" {
+			continue
+		}
+
 		addrs, err := iface.Addrs()
 		if err != nil {
 			continue
