[vcap-dev] Warden test case， why check reachable by ping "4.2.2.1"

[tsj...@huawei.com]

https://github.com/cloudfoundry/warden/blob/master/warden/spec/container/linux_spec.rb#L500

 

 

why is a exact ip “4.2.2.1”？ in my test environment, this ip is not exist, maybe should be the gateway’s ip of host?

 

Like “ip route get 1.1.1.1 | cut -f 3 -d ' ' |head -n 1” ?

[Glyn Normington]

I suppose the earlier definition:

let(:allow_networks) do
        ["4.2.2.1/32"]
end

sets this up.

[tsj...@huawei.com]

thank you for reply, this is my first post. :-) 

i find the "allow_networks" will be used for host's iptables, here:

https://github.com/cloudfoundry/warden/blob/master/warden/root/linux/net.sh#L88

but if the destination ip is not exist, though the ping packet can pass the iptables, it can not get a response. 

so how it works? 

在 2014年5月8日星期四UTC+8下午1时34分58秒，Glyn Normington写道：

[Jan Dubois]

On Wed, May 7, 2014 at 11:32 PM, <tsj...@huawei.com> wrote:
> thank you for reply, this is my first post. :-)
>
> i find the "allow_networks" will be used for host's iptables, here:
> https://github.com/cloudfoundry/warden/blob/master/warden/root/linux/net.sh#L88
>
> but if the destination ip is not exist, though the ping packet can pass the
> iptables, it can not get a response.
>
> so how it works?

4.2.2.1 is a public DNS server by Level 3 (like 8.8.8.8 by Google). So
if you have access to the public internet, then you should be able to
route to it.

I guess the test should be skipped in case you are running in a walled
off network (or you would have to manually change to an IP address
that you "know" exists in your setup).

Cheers,
-Jan

[tsj...@huawei.com]

get it, thank you very much:-)

so this test case is not suit for these who are running behind a proxy, a http_proxy is not support 'ping' method, though packet install is ok in other test case.
hope it can be more "robust".

在 2014年5月9日星期五UTC+8上午1时31分59秒，Jan Dubois写道：