[Linux-cluster] lack of IP collision check in ip.sh

[Charlie Brady]

On Thu, 15 Oct 2009, Antal Ferenc wrote:

> /usr/share/cluster/ip.sh in rgmanager-2.0.46-1.el5 does not check
> presence of the IP address on the network before it brings up the IP
> address. There is a possibility when IP address remains up on nodeA and
> IP resource sets the same IP address on nodeB during a failover causing
> IP collision on the network.
>
> I opened a bugzilla case about it with 526647 bugID.

nodeB should have fenced nodeA in this situation IIUC.

> I would like to know opinions about this. Have you experienced problems
> regarding this?
>
> Does it worth to fix it?
>
> I am thinking about this change in it:
>
> --- /usr/share/cluster/ip.sh.orig	2009-06-11 20:44:31.000000000 +0000
> +++ /usr/share/cluster/ip.sh	2009-10-15 10:34:39.000000000 +0000
> @@ -652,6 +652,13 @@
> 			ocf_log info "Removing IPv6 address $addr from $dev"
>                 fi
>
> +		if [ "$1" = "add" ]; then
> +			ocf_log notice "Pinging addr ${addr%%/*} from dev $dev"
> +			if ping_check inet6 ${addr%%/*} $dev; then
> +				ocf_log err "IPv6 address collision ${addr%%/*}"
> +				return 1
> +			fi
> +		fi
> 		/sbin/ip -f inet6 addr $1 dev $dev $addr
> 		[ $? -ne 0 ] && return 1
>
> @@ -722,6 +729,13 @@
> 			ocf_log info "Removing IPv4 address $addr from $dev"
> 		fi
>
> +		if [ "$1" = "add" ]; then
> +			ocf_log notice "Pinging addr ${addr%%/*} from dev $dev"
> +			if ping_check inet ${addr%%/*} $dev; then
> +				ocf_log err "IPv4 address collision ${addr%%/*}"
> +				return 1
> +			fi
> +		fi
> 		/sbin/ip -f inet addr $1 dev $dev $addr
> 		[ $? -ne 0 ] && return 1
>
>
>
> Thanks in advance, Ferenc
>
> --
> Linux-cluster mailing list
> Linux-cluster at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-cluster
>