Skip to content

HVM Agent selects wrong address for private_ip_address #13519

Description

@EduFrazao

problem

Hi.
In a advanced netowrk zone, VXLAN based, my KVM agents are using the storage network address as private ip address.

The network storage network is not routable between components, and it is causing severe problems like mal function on CPVM that try to connect on the wrong address to establish a connection with the hypervisor VNC Port.

The storage address is correctly found.

This is an exemple of my interfaces config:

root@hypr2-rck3:~# ip -br a
lo               UNKNOWN        127.0.0.1/8 10.1.4.2/32 fd00:1337:1:4::2/128 ::1/128 
ens8f0np0        DOWN           
ens8f1np1        DOWN           
ens5f0np0        UP             10.1.32.3/31 fd00:1337:1:20::3/127 fe80::e4f8:1110:2c37:62ca/64 
ens5f1np1        DOWN           
vxlan200         UNKNOWN        
vxlan202         UNKNOWN        
v-secstorbr@v-secstor UP             
v-secstor@v-secstorbr UP             10.1.48.2/22 fd00:1337:1:2d::2/64 fe80::a6c6:ac43:1c4:ab35/64 
v-clmgmtbr@v-clmgmt UP             
v-clmgmt@v-clmgmtbr UP             10.1.0.2/22 fd00:1337:1::2/64 fe80::a535:f84c:40f1:b424/64 
eth-clguest      UNKNOWN        
v-clstoragebr@v-clstorage UP             
v-clstorage@v-clstoragebr UP             10.1.16.2/20 fd00:1337:1:10::2/64 fe80::e263:1ef4:9243:237e/64 
br-secstor       UP             
eth-clpublic     UNKNOWN        
vxlan100         UNKNOWN        
br-clmgmt        UP             
br-clguest       UP             
br-clstorage     UP             
br-clpublic      UP             
cloud0           UNKNOWN        169.254.0.1/16 fe80::d028:d0ff:fe30:3c0d/64

agent.properties

root@hypr2-rck3:~# cat /etc/cloudstack/agent/agent.properties
#Storage
#Tue Jun 30 18:10:35 BRT 2026
LibvirtComputingResource.id=6
LibvirtComputingResource.name=hypr2-rck3
LibvirtComputingResource.uuid=***
cluster=1
domr.scripts.dir=scripts/network/domr/kvm
guest.cpu.mode=custom
guest.cpu.model=Icelake-Server-noTSX
guest.network.device=br-clguest
guid=d46e7512-0114-378f-baf5-0c0683092c05
host=10.254.0.101,10.254.0.100@roundrobin
hypervisor.type=kvm
iscsi.session.cleanup.enabled=false
keystore.passphrase=****
local.storage.uuid=***
network.bridge.type=native
pod=1
port=8250
private.network.device=br-clmgmt
public.network.device=br-clpublic
resource=com.cloud.hypervisor.kvm.resource.LibvirtComputingResource
vm.migrate.wait=3600
vxlan.network.vtep.ip=10.1.4.2
workers=5
zone=2

The agent is selecting 10.1.16.2 address as storage (correct) and private (incorrect, the correct IP should be 10.1.0.2).

This range is directly routable. The agent can reach the management servers from this address, and the management servers can do stablish new connections with hosts too.

There is some property that I can change to enforce the private address?

versions

Cloudstack 4.22.1.0
OS: Rocky Linux 10.2
Agent: 4.22.1.0
Java: OpenJDK 64-Bit Server VM (Red_Hat-21.0.11.0.10-1) (build 21.0.11+10-LTS, mixed mode, sharing)

The steps to reproduce the bug

  1. Setup a FRR / VXLAN / EVPN enviroment
  2. Setup an advanced network zone in Cloudstack.
  3. Adopt an hypervisor (using the correct ip address on the UI).
  4. Adotion will work and hypervisor will be connected, able to run VMs, but with management IP incorrectly stored.

What to do about it?

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions