rp_filter dropping packets (RHEV 3.0)

Comments 1

Hi Guys,

We have setup a RHEV-H server with the following network setup (all fictitious):

- NIC: display_network (1.1.1.5/27)

- NIC: rhevm (10.10.10.2/24) GW 10.10.10.1

Incoming packets on display_network with a source adres from outside both networks (like internet) are dropped by the rp_filter (Reverse Path Filter). See Red Hat article: https://access.redhat.com/knowledge/solutions/53031

I had to set "net.ipv4.conf.display_network.rp_filter = 2" to get SPICE connections (and ICMP / TCP) working.

Questions:

- Did anyone run in to this problem aswell?

- Has this been changed (fixed) in RHEV 3.1 (I wasn't able to check my self)?

- In our old environment (RHEV 2.2) this wasn't a problems (seems like a difference between RHEL5 and RHEL6). I have reviewed the documentation, shouldn't there be a notice about this somewhere?

Regards, Vincent

ps: a case has been opened for this issue (for those who can view it): 00745715

Started 2012-11-22T10:23:49+00:00 by

Vincent Pluk

Expert 823 points

Responses

Red Hat 25369 points

23 November 2012 2:41 AM

David Powles

Administrator

Thanks Vincent. Since you've opened a case on this issue, I won't invite a Red Hat associate to comment in this discussion (it's easier to just use one channel of communication) but perhaps someone else in the community can shed some light on this issue. Regardless, do let us know how the situation is resolved.

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories

Responses