yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1083990] Re: Quantum-l3-agent leaves multiple NAT rules for same floating IP

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Mark McLoughlin <markmc@xxxxxxxxxx>
Date: Thu, 31 Jan 2013 22:05:21 -0000
Reply-to: Bug 1083990 <1083990@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: quantum/folsom
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to quantum.
https://bugs.launchpad.net/bugs/1083990

Title:
  Quantum-l3-agent leaves multiple NAT rules for same floating IP

Status in OpenStack Quantum (virtual network service):
  Fix Released
Status in quantum folsom series:
  Fix Released

Bug description:
  System info: 
  Fedora 17 with Folsom and quantum (no nova-network). The system uses linuxbridges and network namespaces, running the RPMs from Fedora 17 Folsom repository.

  In the external router namespace, the quantum-l3-agent-* tables don't
  get their floating IP info purged properly. This seems to happen at
  least when reassigning an already assigned address. Example iptables
  rules where both 192.168.1.9 and 192.168.1.10 have the same floating
  IP rules, even if the IP isn't assigned anymore

  -A quantum-l3-agent-OUTPUT -d 193.166.3.246/32 -j DNAT --to-destination 192.168.1.9
  -A quantum-l3-agent-OUTPUT -d 193.166.3.246/32 -j DNAT --to-destination 192.168.1.10
  -A quantum-l3-agent-POSTROUTING ! -i qg-4b8931da-6b ! -o qg-4b8931da-6b -m conntrack ! --ctstate DNAT -j ACCEPT
  -A quantum-l3-agent-PREROUTING -d 193.166.3.246/32 -j DNAT --to-destination 192.168.1.9
  -A quantum-l3-agent-PREROUTING -d 193.166.3.246/32 -j DNAT --to-destination 192.168.1.10
  -A quantum-l3-agent-float-snat -s 192.168.1.9/32 -j SNAT --to-source 193.166.3.246
  -A quantum-l3-agent-float-snat -s 192.168.1.10/32 -j SNAT --to-source 193.166.3.246
  -A quantum-l3-agent-snat -j quantum-l3-agent-float-snat
  -A quantum-l3-agent-snat -s 192.168.1.0/24 -j SNAT --to-source 193.166.3.245

  
  quantum floatingip-list
  which: no gedit in (/usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
  which: no kate in (/usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
  +--------------------------------------+------------------+---------------------+---------+
  | id                                   | fixed_ip_address | floating_ip_address | port_id |
  +--------------------------------------+------------------+---------------------+---------+
  | 7aba3f04-ecfe-4f3b-94fd-50df7232b283 |                  | 193.166.3.246       |         |
  +--------------------------------------+------------------+---------------------+---------+

To manage notifications about this bug go to:
https://bugs.launchpad.net/quantum/+bug/1083990/+subscriptions