Opened 2 weeks ago
Last modified 11 days ago
#31083 new defect
kvm5 uses unexpected IP address
| Reported by: | weasel | Owned by: | tpa |
|---|---|---|---|
| Priority: | Medium | Milestone: | |
| Component: | Internal Services/Tor Sysadmin Team | Version: | |
| Severity: | Normal | Keywords: | |
| Cc: | Actual Points: | ||
| Parent ID: | Points: | ||
| Reviewer: | Sponsor: |
Description
kvm5 uses an unexpected IPv6 address for outgoing traffic (among others, to db.tpo), at least on the ipsec tunnel to other tor hosts (note: routing table 220).
It uses the one on the brpub bridge to KVM guests instead of the one assigned to its public interface.
Maybe this is because brpub gets brought up before eth0?
Child Tickets
Change History (4)
comment:1 Changed 12 days ago by
comment:2 Changed 12 days ago by
at least ud-replicate breaks, because ACLs and fw rules and what not assume that kvm5 comes from its published address
comment:3 Changed 12 days ago by
reading up on https://help.torproject.org/tsa/howto/upgrades/buster, it looks like this was triggered by the upgrade as well, right?
Note: See
TracTickets for help on using
tickets.
what's the actual impact of this and why does it matter?