connection on Neutron Bridge

| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| neutron | Incomplete | Undecided | new | |
Bug Description
Summary (Bug title): connection on Neutron Bridging.
High level description: A bug was revealed in the default settings of OpenStack Mitaka Neutron. It allows bridging of TAP interfaces that do not have a private Ethernet interface at the backend (the ones used to connect to the internet); as a result, this connection would create a serious security risk by disclosing the network traffic of tenants.
Pre-conditions:
- Created a project: test
- Created a network, subnet, router and VMs; the VMs are attached to the network.
Step-by-step reproduction steps: CLI commands or API requests are great;
Connection with the bridge interface through which the traffic of all other VMs passes.
create Mirror name=<mirror_name>
select-
set mirror @ br-int
select-
select-
As a result, this command can disclose the privacy of the tenant VMs by redirecting their network traffic at the destination point.
Version:
OpenStack version stable/mitaka
Linux Distro: Seen this behavior in Ubuntu. It is independent of the distro.
Deployment: devstack
Environment: what types of services are you running (core services like DB and AMQP broker, as well as Nova/hypervisor if it matters), and which type of deployment (clustered servers)? Multi-node or single node, etc.
Single node. Independent of Hypervisor.
Perceived severity: is this a blocker for you?
I think this must be fixed in the next release, as it discloses the privacy of tenants.
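The configuration the report describes is an Open vSwitch port mirror attached to the integration bridge (br-int). An operator who wants to audit compute nodes for that condition can read it straight out of the OVS database. The script below is an added example, not code from the bug report or from Neutron: it parses the record format printed by `ovs-vsctl list Bridge` and `ovs-vsctl list Mirror`, and reports every mirror attached to a watched bridge together with whether it selects all traffic (`select_all`). The two sample outputs are constructed for this example (the UUIDs and the mirror name are made up); the column names are those of the OVS Bridge and Mirror tables.

```python
"""Audit Open vSwitch for port mirrors attached to the integration bridge.

Added example (not part of the bug report). Parses the "key : value"
record blocks printed by `ovs-vsctl list Bridge` / `ovs-vsctl list Mirror`
and flags mirrors on watched bridges, so a compute node can be checked for
the traffic-mirroring configuration described in the report.
"""
import re
import shutil
import subprocess

# Constructed sample of `ovs-vsctl list Bridge` output; UUIDs are made up.
SAMPLE_BRIDGES = """\
_uuid               : 1111aaaa-0000-0000-0000-000000000001
name                : br-int
mirrors             : [2222bbbb-0000-0000-0000-000000000002]

_uuid               : 1111aaaa-0000-0000-0000-000000000003
name                : br-ex
mirrors             : []
"""

# Constructed sample of `ovs-vsctl list Mirror` output; values are made up.
SAMPLE_MIRRORS = """\
_uuid               : 2222bbbb-0000-0000-0000-000000000002
external_ids        : {}
name                : tap-copy
output_port         : 3333cccc-0000-0000-0000-000000000004
output_vlan         : []
select_all          : true
select_dst_port     : []
select_src_port     : []
select_vlan         : []
statistics          : {tx_bytes=0, tx_packets=0}
"""


def parse_records(text):
    """Split ovs-vsctl 'list' output into one dict per blank-line-separated record."""
    records = []
    for chunk in re.split(r"\n\s*\n", text.strip()):
        rec = {}
        for line in chunk.splitlines():
            key, _, value = line.partition(":")
            rec[key.strip()] = value.strip()
        records.append(rec)
    return records


def parse_uuid_list(value):
    """Turn '[]' or '[uuid1, uuid2]' into a list of UUID strings."""
    return [v.strip() for v in value.strip("[]").split(",") if v.strip()]


def find_mirrors(bridges_text, mirrors_text, watched=("br-int",)):
    """Return one finding per mirror attached to a watched bridge."""
    mirrors = {m["_uuid"]: m for m in parse_records(mirrors_text)}
    findings = []
    for br in parse_records(bridges_text):
        if br.get("name", "").strip('"') not in watched:
            continue
        for uuid in parse_uuid_list(br.get("mirrors", "[]")):
            m = mirrors.get(uuid, {})
            findings.append({
                "bridge": br["name"].strip('"'),
                "mirror": m.get("name", uuid).strip('"'),
                # select_all=true means every packet on the bridge is copied.
                "select_all": m.get("select_all") == "true",
                "output_port": m.get("output_port", "[]"),
            })
    return findings


def collect_live():
    """Read the real tables if ovs-vsctl is installed; otherwise return None."""
    if shutil.which("ovs-vsctl") is None:
        return None
    bridges = subprocess.run(["ovs-vsctl", "list", "Bridge"],
                             capture_output=True, text=True, check=True).stdout
    mirrors = subprocess.run(["ovs-vsctl", "list", "Mirror"],
                             capture_output=True, text=True, check=True).stdout
    return bridges, mirrors


if __name__ == "__main__":
    live = collect_live()
    bridges_text, mirrors_text = live if live else (SAMPLE_BRIDGES, SAMPLE_MIRRORS)
    for f in find_mirrors(bridges_text, mirrors_text):
        scope = "ALL traffic" if f["select_all"] else "selected ports/VLANs"
        print(f"mirror '{f['mirror']}' on {f['bridge']} copies {scope} "
              f"to output_port {f['output_port']}")
```

Run as root on a compute node it audits the live OVS tables; elsewhere it falls back to the constructed samples, which produce a single finding for `tap-copy` on `br-int`. A mirror on `br-int` is not always malicious (some monitoring tools create them deliberately), so the useful deployment is to run the check periodically and alert on any mirror that is not on an allow list.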
Changed in neutron:
- assignee: nobody → new (cloudie)
- status: New → In Progress
- summary: connection on Neutron Bridging → connection on Neutron Bridge

Changed in neutron:
- status: Incomplete → In Progress
So is this something that requires access to the hypervisor? i.e. you need to be root on the underlying compute node? If so, tcpdump can already be used by root to capture tenant traffic. It doesn't look like it's something that can be done from inside a tenant VM, so I don't see why it is a security issue?