Don't snat traffic between fixed IPs behind same router
This fixes a bug where an iptables rule to not snat traffic between
fixed IPs is only being added if enable_snat=true. We should add
this rule no matter what the value is for enable_snat.
Without this patch, current code will break such use case:
2 fixed IPs behind same router both have floatingip associated. And
the router has enable_snat=false. When fixed IP A want to ping
fixed IP B, fixed IP A will get the reply from fixed IP B's floating
IP.
Reviewed: https:/ /review. openstack. org/235832 /git.openstack. org/cgit/ openstack/ neutron/ commit/ ?id=4341a4faeed 937d014e95a94b7 7844d5a835acbe
Committed: https:/
Submitter: Jenkins
Branch: master
commit 4341a4faeed937d 014e95a94b77844 d5a835acbe
Author: Jenkins <email address hidden>
Date: Fri Oct 16 02:26:57 2015 +0000
Don't snat traffic between fixed IPs behind same router
This fixes a bug where an iptables rule to not snat traffic between
fixed IPs is only being added if enable_snat=true. We should add
this rule no matter what the value is for enable_snat.
Without this patch, current code will break such use case:
2 fixed IPs behind same router both have floatingip associated. And
the router has enable_snat=false. When fixed IP A want to ping
fixed IP B, fixed IP A will get the reply from fixed IP B's floating
IP.
More details could be found at bug description.
Change-Id: I322e8d454ef1d5 29ceda541fb5fe5 77cd70b412f
Closes-bug: #1505781