On computers with wi-fi adapters, promiscuous mode on the VirtualBox (or
maybe other hypervisors as well) NICs does not work, which means the
default way of connecting the Neutron external interface to a bridged
adapter, will not allow communication to and from the Nova VMs over
floating IPs with any computer on the external network (except the host
computer) or with the wi-fi router. This means no ability to connect to
the Nova VMs and no internet access inside the Nova VMs.
According to VirtualBox documentation (excerpt): "Bridging to a wireless
interface is done differently from bridging to a wired interface,
because most wireless adapters do not support promiscuous mode. All
traffic has to use the MAC address of the host’s wireless adapter, and
therefore VirtualBox needs to replace the source MAC address in the
Ethernet header of an outgoing packet to make sure the reply will be
sent to the host interface. When VirtualBox sees an incoming packet with
a destination IP address that belongs to one of the virtual machine
adapters it replaces the destination MAC address in the Ethernet header
with the VM adapter’s MAC address and passes it on. VirtualBox examines
ARP and DHCP packets in order to learn the IP addresses of virtual
machines."
To fix this issue, a new flag has been introduced: WIFI. If true, the
default Vagrant public network is not created anymore. Instead, the 3rd
NIC will be connected to a NAT-Network named OSNetwork. The NAT-Network
has a virtual gateway, which will be used to communicate with the
external physical wi-fi router. Since Vagrant does not have a high-level
mechanism to attach an adapter to a NAT-Network, the code uses the
low-level Vagrant construct vm.customize which makes it provider
specific.
Promiscuous mode is now activated by default on the 3rd NIC.
The WIFI flag is false by default.
This commit only addresses VirtualBox, and it is currently unknown if
the problem described and fixed in this commit is present in other
hypervisors.
DocImpact
Closes-Bug: #1560274
Change-Id: I22517d055cfdcbe70e4c34a0dba611d0ed50dcc3
Signed-off-by: Andrei-Lucian Șerb <lucian.serb@icloud.com>
349a2a8ebb