Silk Controller assigns IPs exceeding the range of the overlay network for each container
search cancel

Silk Controller assigns IPs exceeding the range of the overlay network for each container

book

Article ID: 297648

calendar_today

Updated On:

Products

VMware Tanzu Application Service for VMs

Issue/Introduction

Symptoms:
The Silk Controller assigns IPs for each container, exceeding the range of the overlay network. This is caused by configuring with the wrong Classless Inter-Domain Routing (CIDR) expression at the Overlay Subnet box of the Networking pane in the VMware Tanzu Application Service for VMs tile.

For example, suppose you want to set a subnet mask of /255.240.0.0 (CIDR expression: /12). The expected range of IPs is as below:
  • 10.240.0.0 - 10.255.255.255
However, if you look at the Silk database, some IPs are out of the expected IP range and may be assigned as below, like 11.*.*.*., which are not incompatible with RFC 1918 in this case. 
mysql/7cf95dad-2e8f-4a9a-af69-b80cb71a20c4:~# /var/vcap/packages/pxc/bin/mysql --defaults-file=/var/vcap/jobs/pxc-mysql/config/mylogin.cnf -D silk
 :
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
 
mysql> select * from subnets;
+----+-------------+----------------+-------------------+-----------------+
| id | underlay_ip | overlay_subnet | overlay_hwaddr    | last_renewed_at |
+----+-------------+----------------+-------------------+-----------------+
| 15 | 10.0.0.2*   | 11.14.***.0/24 | ee:e*:0b:*e:a7:00 |      15*126*180 |
| 16 | 10.0.0.*7   | 11.3.***.0/24  | ee:e*:0b:*3:68:00 |      15*126*180 |
| 17 | 10.0.0.*8   | 11.0.***.0/24  | ee:e*:0b:*0:a4:00 |      15*126*180 |
| 18 | 10.2.0.1*   | 11.11.***.0/24 | ee:e*:0b:*b:c5:00 |      15*126*180 |
| 19 | 10.2.0.*1   | 10.255.**.0/24 | ee:e*:0a:*f:2c:00 |      15*126*180 |
| 22 | 10.2.0.*2   | 11.3.***.0/24  | ee:e*:0b:*3:be:00 |      15*126*180 |
+----+-------------+----------------+-------------------+-----------------+

Environment


Cause

This issue is specifically caused by configuring with the non-standard CIDR expression at the Overlay Subnet box.

For example, suppose you want to set a subnet mask of /255.240.0.0 to determine IP range as below:
  • 10.240.0.0 - 10.255.255.255
In this case, you should configure the following at the Overlay Subnet box based on the CIDR expression:
  • 10.240.0.0/12
Note: You can take 1,048,576 IPs starting from 10.240.0.0 for each container in this case.

Suppose you configure as below:
  • 10.255.0.0/12
According to CIDR concept, this expression is non-standard expression. However, you should be able to take 1,048,576 IPs starting from 10.240.0.0 for each container.

But the older implementation of Silk Controller assigns 1,048,576 IPs starting from 10.255.0.0 for each containers, in this case.

As a result, Silk Controller may assign IPs exceeding the expected IP range with this older release of TAS for VMs products than v2.5.18 and v2.6.13.

Note: The IP range is determined by the start address and the number of assignable IPs, according to the standard CIDR expression.

Resolution

Configure with the standard CIDR expression at the Overlay Subnet box, such as 10.240.0.0/12, rather than 10.255.0.0/12, in this case.

Powered by Wolken Software