Comment 3 for bug 1677668

Revision history for this message
Sam Lee (samlee) wrote :

Hi Chris,

Some new clarifications are in order. Please disregard the "ARP Inspection" claim. That feature wasn't even enabled.

Here's a very simplified drawing of the setup.

                                                                         +-------------------+
                                                                         | ARP CACHE |
                                            +------------+ | (expires 4 hours) |
                                            | | | 10.1.1.11 22:22
                                            | | | 10.1.2.100 33:33
                                            | ROUTER | | |
                                            | | | |
                                            | | | |
                                            | | +-------------------+
                                           +--------------+
                                           | |
                                           | |
                              +---------------+ +------------------+
                              | SWITCH A | | SWITCH B |
                     +--------+ | | |
                     | +---------------+ +------------------+
                     | | |
                     | | |
       +------------------+ +------------------+ +------------------+
       | | | | | |
       | | | 10.1.1.11 | | 10.1.2.100 |
       | | | 255.255.255.0 | | 255.255.255.0 |
       | | | | | REGION CTLR |
       | MAAS MACHINE 2 | | MAAS MACHINE 1 | | |
       | MAC 22:22 | | MAC 11:11 | | MAC 33:33 |
       +------------------+ +------------------+ +------------------+

1) Assuming Machine #2 was last deployed and then released within the past 4 hours, using the IP 10.1.1.11. Thus the router already has an ARP entry in its cache matching 10.1.1.11 to MAC 22:22.
2) Machine #1 is starting Deployment and happens to receive 10.1.1.11 from Controller to use for ephemeral PXE IP.
3) Machine #1 sends packet to 10.1.2.100:5240
4) Controller sees pack from 10.1.1.11
5) Controller responds to 10.1.1.11
6) Machine #1 never sees the response packet

We suspect the response packet was sent Machine #2. We are actively parsing the pcap data to confirm.