Bug ID 624826: mgmt bridge takes HWADDR of guest vm's tap interface

Last Modified: Oct 16, 2023

Affected Product(s):
BIG-IP vCMP(all modules)

Known Affected Versions:
11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 12.1.1, 12.1.2

Fixed In:
13.0.0, 12.1.3, 11.6.3.3

Opened: Oct 25, 2016

Severity: 2-Critical

Related Article: K36404710

Symptoms

MGMT interface becomes unreachable and stops responding to traffic. Whenever guest is in provisioned state MAC address assigned to mgmt is correct (taken from base MAC). Whenever guest is in deployed state MAC address on host mgmt interface changes and is exactly the same as mgmt_vm_tap MAC.

Impact

Connectivity to the vCMP host platform is lost when the guest is deployed.

Conditions

The platform shipped with a "low" F5 base_mac A Linux bridge by default takes as its mac the lowest mac of its constituent interfaces. This did not cause a problem before because F5 Networks systems' baseMacs have historically been "low", e.g., with legacy_baseMacs in {00:01:D7, 00:0A:49, 00:23:E9}. When a guest tap interface is added to the mgmt bridge, the bridge takes its Linux default action, which is to take as its mac the lowest mac address of its constituent interfaces. With the comparison min(eth0's mac, guestTap's mac) returning guestTap's mac, the mgmt bridge incorrectly assumes a guestTapIntfc mac.

Workaround

Use ifconfig to ensure that the mac address of the mgmt bridge never changes from eth0. For example, the following command sets as the mac of this bridge, the value passed in Mac. ifconfig <bridgeName= mgmt> hw ether <Mac of Eth0> Note: This assumes that eth0 will always be contained in the mgmt bridge.

Fix Information

The system now uses ifconfig to assign the mac of interface eth0 to bridge mgmt.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips