yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1170155] Re: SSL error with HTTPS

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Bill Rich <bill.rich@xxxxxxxxx>
Date: Mon, 08 Jul 2013 18:41:57 -0000
Reply-to: Bug 1170155 <1170155@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1170155

Title:
  SSL error with HTTPS

Status in OpenStack Neutron (virtual network service):
  Fix Released

Bug description:
  1500 MTU assigned by dnsmasq is too large over GRE tunnel used by OVS.
  Packet fragmentation occurs and HTTPS certs fail.

  When I try and initiate an HTTPS session from an instance, it times
  out with an SSL error.

  Tests from within an instance
  'curl https://$url` fails
  'curl http://$url' works
  'openssl s_client -connect $url 443' returns CONNECTED(00000003) and then hangs
  'telnet $url 443' works

  If I run the same commands from the quantum server within the router namespace, everything works fine.
  Launching the same image on a Folsom cloud with Nova-Networking works fine.

  I am using Grizzly with Quantum. There is one quantum server and one
  KVM hypervisor. All quantum services are running on the quantum server
  and only the ovs plugin is running on the hypervisor. The instance is
  assigned a private IP address. I have a router created with the
  gateway set to a public network and an interface on the private
  network.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1170155/+subscriptions