Unable to add external alias between 802.1q and vxlan network

Hi all,

I have a setup with a ‘public’ network for external connectivity via an 802.1q bridged network, and several ‘internal’ VXLAN networks.

Outbound NAT (MASQ) from VXLAN networks via the public network works, I can also create a VROUTER between VXLAN networks with SDNAT and external alias interfaces.

However, when I want to create an external alias interface in the public 802.1Q network for a VM in a VXLAN, It fails with the following lines in oned.log:

Wed Dec 22 09:46:13 2021 [Z0][ReM][D]: Req:9712 UID:0 IP:127.0.0.1 one.vm.attachnic invoked , 155, “NIC_ALIAS = [
NE…”
Wed Dec 22 09:46:13 2021 [Z0][ReM][D]: Req:9712 UID:0 one.vm.attachnic result SUCCESS, 155
Wed Dec 22 09:46:14 2021 [Z0][VMM][I]: ExitCode: 0
Wed Dec 22 09:46:14 2021 [Z0][VMM][I]: ExitCode: 0
Wed Dec 22 09:46:14 2021 [Z0][VMM][I]: Successfully execute network driver operation: pre.
Wed Dec 22 09:46:14 2021 [Z0][VMM][I]: ExitCode: 0
Wed Dec 22 09:46:14 2021 [Z0][VMM][I]: Command execution fail: cat << EOT | /var/tmp/one/vnm/802.1Q/post ‘726e18d6-0d4d-4af1-ac75-6df9152d75b7’ ‘sc-ela-tnb02.sc.core.intel.politie’
Wed Dec 22 09:46:14 2021 [Z0][VMM][E]: post: undefined method []' for nil:NilClass Wed Dec 22 09:46:14 2021 [Z0][VMM][E]: post: ["/var/tmp/one/vnm/security_groups_iptables.rb:390:in nic_pre’", “/var/tmp/one/vnm/sg_driver.rb:97:in block in activate'", "/var/tmp/one/vnm/vnm_driver.rb:88:in block in process_all’”, “/var/tmp/one/vnm/vm.rb:98:in block in each_nic_alias'", "/var/tmp/one/vnm/vm.rb:97:in each’”, “/var/tmp/one/vnm/vm.rb:97:in each_nic_alias'", "/var/tmp/one/vnm/vnm_driver.rb:86:in process_all’”, “/var/tmp/one/vnm/sg_driver.rb:89:in activate'", "/var/tmp/one/vnm/802.1Q/post:32:in '”]
Wed Dec 22 09:46:14 2021 [Z0][VMM][I]: ExitCode: 1
Wed Dec 22 09:46:14 2021 [Z0][VMM][I]: Failed to execute network driver operation: post.
Wed Dec 22 09:46:14 2021 [Z0][IPM][D]: Message received: ATTACHNIC FAILURE 155 vxlan: - 802.1Q: -

Any ideas where I can see what is going wrong?

Hi @cdg,

Which OpenNebula version are you using?

OpenNebula 6.0.0.2

(Sorry, should have mentioned in the original post)

Upgraded to 6.2.0 and issue no longer appears.

Hi @cdg,

Sorry for the late reply, yes IP spoofing support for aliases was added at 6.2.