SNMP traps use src IP of nodes mgmt network
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Jorge Saffe |
Bug Description
Brief Description
------------------
when using SNMP traps in my (subcloud) cluster, I notice that the source IP of the traps
is an IP address from the mgmt networks. The exact IP depends is from that node where the ns-snmp pod runs.
Severity
---------
<Major: SNMP traps should not use cluster-internal IP addresses
Steps to Reproduce
-------------------
Follow documentation to install/run SNMP with external trap destination. Trigger some alarms. Check traps on destination with tcpdump.
tcpdump running at trap destination:
15:04:49.974555 IP 10.87.0.43.51650 > 10.88.0.
Expected Behavior
------------------
Traps should use public cluster IP e.g. from OAM network.
Actual Behavior
----------------
Traps use internal IP from mgmt network.
Reproducibility
----------------
Reproducible
Same behavior can be seen with any pod-generated traffic to cluster-external destination (e.g. ping external IP)
System Configuration
-------
Subcloud with two controllers and 6 workers. In a test the sn-snmp pod was running on worker3:
Last Pass
-----------
Never
Timestamp/Logs
--------------
N/A
Alarms
------
PN/A
Test Activity
--------------
Evaluation
Workaround
-----------
N/A
Changed in starlingx: | |
importance: | Undecided → Medium |
assignee: | nobody → Jorge Saffe (jsaffe) |
tags: | added: stx.8.0 stx.fault |
Fix proposed to branch: master /review. opendev. org/c/starlingx /stx-puppet/ +/849452
Review: https:/