See the saved query https://console.cloud.google.com/bigquery?sq=581276032543:3e63327785174d50b207ae16597e3b6b
Circumstantial evidence suggests two causes:
- OAM from cloud avoids a double NAT by routing directly between the cloud VMs
- Organic tests from within GEN might do the same.
This created a problem for use, because in both cases the client annotations are wrong. Case 1) is discarded normally, but case 2) potentially interferes with using virtual MLab to diagnose GEN and GCloud networking problems.
Case 1 can be partially resolved in two ways:
- 1a Add client annotations to all OAM (generally a good idea)
- 1b Capture the RFC 1918 addresses for all OAM, in addition to the public addresses.
We need to think more about case 2.
See the saved query https://console.cloud.google.com/bigquery?sq=581276032543:3e63327785174d50b207ae16597e3b6b
Circumstantial evidence suggests two causes:
This created a problem for use, because in both cases the client annotations are wrong. Case 1) is discarded normally, but case 2) potentially interferes with using virtual MLab to diagnose GEN and GCloud networking problems.
Case 1 can be partially resolved in two ways:
We need to think more about case 2.