Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tests from RFC1918 addresses on mlab01.lhr09 #668

Open
mattmathis opened this issue Apr 5, 2022 · 5 comments
Open

Tests from RFC1918 addresses on mlab01.lhr09 #668

mattmathis opened this issue Apr 5, 2022 · 5 comments
Assignees
@mattmathis

Comments

@mattmathis
Copy link

See the saved query https://console.cloud.google.com/bigquery?sq=581276032543:3e63327785174d50b207ae16597e3b6b

Circumstantial evidence suggests two causes:

  1. OAM from cloud avoids a double NAT by routing directly between the cloud VMs
  2. Organic tests from within GEN might do the same.

This created a problem for use, because in both cases the client annotations are wrong. Case 1) is discarded normally, but case 2) potentially interferes with using virtual MLab to diagnose GEN and GCloud networking problems.

Case 1 can be partially resolved in two ways:

  • 1a Add client annotations to all OAM (generally a good idea)
  • 1b Capture the RFC 1918 addresses for all OAM, in addition to the public addresses.
    We need to think more about case 2.
@stephen-soltesz
Copy link
Contributor

Given this is likely related to intra-cloud routing, I'm transferring this issue to k8s-support repo.

@stephen-soltesz stephen-soltesz transferred this issue from m-lab/etl-schema Apr 6, 2022
@stephen-soltesz
Copy link
Contributor

FYI: @nkinkade

@nkinkade
Copy link
Contributor

@mattmathis: The saved query linked to in the original comment would not work for me without removing node from the field list in the UNION queries. I removed that field from both statements and it ran, but didn't reveal anything interesting (to me).... just rows with machine types, test counts, protocols, etc. Could you provide me with some sample rows showing RFC1918 addresses?

The OAM ndt5 end-to-end testing uses ndt5-client-go. From what I can see, that client does not currently allow sending any additional client metadata to the server.

If what your are seeing is really some sort of internal Google networking magic, it's not immediately clear how we get around that and still run the end-to-end tests from GCP. We could possible run them from some external provider like Linode.

@nkinkade nkinkade self-assigned this Apr 22, 2022
@mattmathis
Copy link
Author

I have updated the query to reflect changes in the underlying views. Still investigating.

@nkinkade nkinkade assigned mattmathis and unassigned nkinkade May 13, 2022
@nkinkade
Copy link
Contributor

nkinkade commented Jun 7, 2022

@mattmathis: My understanding is that this might not be an issue after all. Is this correct? If this might have been a false alarm, would you please close this issue? We can always reopen it later.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mattmathis mattmathis

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@stephen-soltesz @nkinkade @mattmathis