Static NAT with multiple public interfaces uses wrong outgoing IP

[div8cn]

ISSUE TYPE

• Bug Report

COMPONENT NAME

VR

CLOUDSTACK VERSION

4.13.1

CONFIGURATION

advanced networking
multiple public interfaces

OS / ENVIRONMENT

CentOS7 +KVM +Bridge

SUMMARY

When a VR has public IPs on multiple interfaces, a static NAT rule which is not on the first public interface will have outgoing traffic originating from the Source NAT IP

Same as #3168 fault description
However, my mangle / PREROUTING firewall rule status is already NEW MARK set 0x67

STEPS TO REPRODUCE

1. Assign public IP from different subnet to VR (so that VR gets eth3 created).
2. Deploy a VM on this network
3. Create static NAT rule for this new public IP to the new VM
4. Run curl ip.sb inside the VM

EXPECTED RESULTS

Output should be the Static NAT IP

ACTUAL RESULTS

Output is the Source NAT IP

[DaanHoogland]

this would be a regression if it is indeed the same as

• Static NAT with multiple public interfaces uses wrong outgoing IP #3168 as that was merged in 2f268fb which is in 4.13.1 amongst others
• CLOUDSTACK-10317: Fix SNAT rules for additional public nics #2476 is also similar and was fixed in c0440e8

still looking for more related pr/issues

[div8cn]

We use this PR to solve this problem #4236

[DaanHoogland]

as stated by @weizhouapache in that PR, it needs more love

[weizhouapache]

as stated by @weizhouapache in that PR, it needs more love

yes. I am currently testing vpc in 4.14/4.15 and fixed some issues.
I will create pr when all are tested ok.

[rohityadavcloud]

PR #4484 is merged should we close this @div8cn @ustcweizhou ?

[weizhouapache]

PR #4484 is merged should we close this @div8cn @ustcweizhou ?

@rhtyd ok for me.
@div8cn could you verify it ?

[rohityadavcloud]

No response from issue author, closing on remark that @weizhouapache found and fixed the issue.
@div8cn pl test and reopen issue if you can reproduce this with 4.14.1.0, 4.15/master branches.