Github user remibergsma commented on the pull request:

https://github.com/apache/cloudstack/pull/1214#issuecomment-163895685

@terbolous I appreciate your worries, and I'll try to explain why I think there is nothing to worry about.

Right now, everything that has no specific route will go to the default gateway. The default gateway is the gateway of the public interface. So, if the internal DNS server resolved `remi.nl` to `10.0.0.1`, the systemvm will send that to the gateway of the public network, which will drop it because it won't accept RFC1918 space.

With this change, it is routed to the internal gateway instead, which may or may not be able to reach it. If it can, this is a win. If it cannot, we have the same situation as we have now.

I tested the console and that works fine. The reason for this is that routing in Linux takes specific routes over more generic ones. If I set `10.0.0.0/8` to the internal gateway, and `10.0.0.1/32` or `10.1.0.0/24` to another interface (because it may be the secondary storage network or whatever) then this `/24` is more specific than the `/8`. The routes I added act like a `catch-all` to try the internal gateway before giving up.

Hope this helps!
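
The longest-prefix-match behaviour described in the comment above, as an added example that is not part of the original comment or the pull request. The gateway names, the `/24` storage route and the inclusion of all three RFC1918 blocks are assumptions made for illustration.

```python
import ipaddress

# The three RFC1918 private blocks.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed routing tables. Next-hop names are placeholders, not values
# taken from the pull request.
BEFORE = [
    ("0.0.0.0/0", "public-gw"),      # default route via the public interface
    ("10.1.0.0/24", "storage-if"),   # e.g. a secondary storage network
]
# Assumed shape of the change: catch-all routes for private space.
AFTER = BEFORE + [(str(n), "internal-gw") for n in RFC1918]


def lookup(table, dest):
    """Return (prefix, next_hop) for the longest prefix matching dest."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, hop in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return (str(best[0]), best[1]) if best else None


def leaks_to_public(table, dests, public_hop="public-gw"):
    """List RFC1918 destinations that the table hands to the public gateway."""
    leaked = []
    for d in dests:
        addr = ipaddress.ip_address(d)
        if any(addr in n for n in RFC1918) and lookup(table, d)[1] == public_hop:
            leaked.append(d)
    return leaked


# Constructed sample destinations.
SAMPLE = ["10.0.0.1", "10.1.0.5", "192.168.1.1", "8.8.8.8"]

if __name__ == "__main__":
    for name, table in (("before", BEFORE), ("after", AFTER)):
        print(name)
        for d in SAMPLE:
            print("  ", d, "->", lookup(table, d))
        print("   private traffic sent to public gateway:",
              leaks_to_public(table, SAMPLE))
```
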