Opened 11 months ago

Closed 2 weeks ago

#31083 closed defect (wontfix)

kvm5 uses unexpected IP address

Reported by: weasel Owned by: tpa
Priority: Medium Milestone:
Component: Internal Services/Tor Sysadmin Team Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

kvm5 uses an unexpected IPv6 address for outgoing traffic (among others, to db.tpo), at least on the ipsec tunnel to other tor hosts (note: routing table 220).

It uses the one on the brpub bridge to KVM guests instead of the one assigned to its public interface.

Maybe this is because brpub gets brought up before eth0?

Child Tickets

Change History (5)

comment:1 Changed 11 months ago by anarcat

what's the actual impact of this and why does it matter?

comment:2 Changed 11 months ago by weasel

at least ud-replicate breaks, because ACLs and fw rules and what not assume that kvm5 comes from its published address

comment:3 Changed 11 months ago by anarcat

reading up on https://help.torproject.org/tsa/howto/upgrades/buster, it looks like this was triggered by the upgrade as well, right?

comment:4 Changed 11 months ago by weasel

yes, almost certainly

comment:5 Changed 2 weeks ago by anarcat

Resolution: wontfix
Status: newclosed

this host will be retired as part of #33084, i don't think we should bother with this.

Note: See TracTickets for help on using tickets.