Comment 0 for bug 1832021
Revision history for this message
| David Ames (thedac) wrote Checksum drop of metadata traffic on isolated provider networks | #0 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
When an isolated network using provider networks for tenants (meaning without virtual routers: DVR or network node), metadata access occurs in the qdhcp ip netns rather than the qrouter netns.
The following options are set in the dhcp_agent.ini file:
force_metadata = True
enable_
VMs on the provider tenant network are unable to access metadata as packets are dropped due to checksum.
When we added the following in the qdhcp netns, VMs regained access to metadata:
iptables -t mangle -A OUTPUT -o ns-+ -p tcp --sport 80 -j CHECKSUM --checksum-fill
It seems this setting was recently removed from the qrouter netns [0] but it never existed in the qdhcp to begin with.
[0] https:/
Related LP Bug #1831935
See https:/