openstack team mailing list archive

Thread
Date
Re: l3-agent iptables-restore: line 23 failed

To: Martin Mailand <martin@xxxxxxxxxxxx>
From: Remo Mattei <remo@xxxxxxxxxx>
Date: Mon, 3 Jun 2013 09:16:41 -0700
Cc: openstack@xxxxxxxxxxxxxxxxxxx
In-reply-to: <51AA08FD.9040106@tuxadero.com>
did you do iptables-save? if you want to save the rules and check them out do iptables-save >nameofthefile. 

That should do it.

Remo 

On Jun 1, 2013, at 07:45 , Martin Mailand <martin@xxxxxxxxxxxx> wrote:

> Hi List,
> 
> if I add my routers gateway to an external network, I get an error in
> the l3-agent.log, about a failure in iptables-restore.
> As far as I know iptables-restore gets the information on stdin, how
> could I see the iptable rules which do not apply?
> How could I debug this further?
> Full log is attachted.
> 
> -martin
> 
> Command:
> root@controller:~# quantum router-gateway-set
> ac1a85c9-d5e1-4976-a16b-14ccdac49c17 61bf1c06-aea7-4966-9718-2be029abc18d
> Set gateway for router ac1a85c9-d5e1-4976-a16b-14ccdac49c17
> root@controller:~#
> 
> Log:
> 
> 2013-06-01 16:07:35    DEBUG [quantum.agent.linux.utils] Running
> command: ['sudo', 'quantum-rootwrap', '/etc/quantum/rootwrap.conf',
> 'ip', 'netns', 'exec', 'qrouter-ac1a85c9-d5e1-4976-a16b-14ccdac49c17',
> 'iptables-restore']
> 2013-06-01 16:07:35    DEBUG [quantum.agent.linux.utils]
> Command: ['sudo', 'quantum-rootwrap', '/etc/quantum/rootwrap.conf',
> 'ip', 'netns', 'exec', 'qrouter-ac1a85c9-d5e1-4976-a16b-14ccdac49c17',
> 'iptables-restore']
> Exit code: 1
> Stdout: ''
> Stderr: 'iptables-restore: line 23 failed\n'
> 
> 
> quantum router-show ac1a85c9-d5e1-4976-a16b-14ccdac49c17
> +-----------------------+--------------------------------------------------------+
> | Field                 | Value
>         |
> +-----------------------+--------------------------------------------------------+
> | admin_state_up        | True
>         |
> | external_gateway_info | {"network_id":
> "61bf1c06-aea7-4966-9718-2be029abc18d"} |
> | id                    | ac1a85c9-d5e1-4976-a16b-14ccdac49c17
>         |
> | name                  | router1
>         |
> | routes                |
>         |
> | status                | ACTIVE
>         |
> | tenant_id             | b5e5af3504964760ad51c4980d30f89a
>         |
> +-----------------------+--------------------------------------------------------+
> 
> 
> quantum net-show 61bf1c06-aea7-4966-9718-2be029abc18d
> +---------------------------+--------------------------------------+
> | Field                     | Value                                |
> +---------------------------+--------------------------------------+
> | admin_state_up            | True                                 |
> | id                        | 61bf1c06-aea7-4966-9718-2be029abc18d |
> | name                      | ext_net                              |
> | provider:network_type     | gre                                  |
> | provider:physical_network |                                      |
> | provider:segmentation_id  | 2                                    |
> | router:external           | True                                 |
> | shared                    | False                                |
> | status                    | ACTIVE                               |
> | subnets                   | ccde4243-5857-4ee2-957e-a11304366f85 |
> | tenant_id                 | 43b2bbbf5daf4badb15d67d87ed2f3dc     |
> +---------------------------+--------------------------------------+
> 
> 
> !DSPAM:2,51aa0917238578021612563!
> <l3-agent.log>_______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
> 
> 
> !DSPAM:2,51aa0917238578021612563!
References

l3-agent iptables-restore: line 23 failed
From: Martin Mailand, 2013-06-01