← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1266983] [NEW] Grizzly 2013.1.4 's NOVA Waste PublicIP

 

Public bug reported:

192.168.0.0/24 is Manage IP
172.168.149.0/24 is Public IP
172.5.5.0/24 is VM Fix IP
  
1.We boot a VM only link to private network without public network,
[root@controllernode ~(wuxi_it)]$ nova list
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| ID                                   | Name             | Status | Task State | Power State | Networks                                                           |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test   | ACTIVE | None       | Running     | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
| d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None       | Running     | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9                   |
| acd5c695-85c3-4e89-8730-e0badf487a5a | cirros_test      | ACTIVE | None       | Running     | wuxi_it-net=172.168.5.13                                           |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+

  2.We assign a floating-ip to this VM
[root@controllernode ~(wuxi_it)]$ nova add-floating-ip cirros_test 172.168.149.157

[root@controllernode ~(wuxi_it)]$ nova list
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| ID                                   | Name             | Status | Task State | Power State | Networks                                                           |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test   | ACTIVE | None       | Running     | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
| d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None       | Running     | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9                   |
| acd5c695-85c3-4e89-8730-e0badf487a5a | cirros_test      | ACTIVE | None       | Running     | wuxi_it-net=172.168.5.13, 172.168.149.157                          |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+

     We find we can't ping this IP:172.168.149.157

   3.We boot a VM with both private and public network and assign same floating-ip to this VM
[root@controllernode ~(wuxi_it)]$ nova list
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| ID                                   | Name             | Status | Task State | Power State | Networks                                                           |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test   | ACTIVE | None       | Running     | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
| d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None       | Running     | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9                   |
| 5166613f-90dd-4d1b-b79c-41497215746c | Cirros_3.1_test  | BUILD  | spawning   | NOSTATE     | ext_net=172.168.149.162; wuxi_it-net=172.168.5.15                  |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
[root@controllernode ~(wuxi_it)]$ nova floating-ip-list
+-----------------+--------------------------------------+--------------+---------+
| Ip              | Instance Id                          | Fixed Ip     | Pool    |
+-----------------+--------------------------------------+--------------+---------+
| 172.168.149.155 | 786b8958-2a77-4a3c-89c9-35fbce1b6391 | 172.168.5.11 | ext_net |
| 172.168.149.156 | 98d31755-1e92-4217-8247-b2be88978475 | 172.168.5.12 | ext_net |
| 172.168.149.157 | None                                 | None         | ext_net |
+-----------------+--------------------------------------+--------------+---------+
[root@controllernode ~(wuxi_it)]$ nova add-floating-ip  Cirros_3.1_test 172.168.149.157

[root@controllernode ~(wuxi_it)]$ nova floating-ip-list
+-----------------+--------------------------------------+--------------+---------+
| Ip              | Instance Id                          | Fixed Ip     | Pool    |
+-----------------+--------------------------------------+--------------+---------+
| 172.168.149.155 | 786b8958-2a77-4a3c-89c9-35fbce1b6391 | 172.168.5.11 | ext_net |
| 172.168.149.156 | 98d31755-1e92-4217-8247-b2be88978475 | 172.168.5.12 | ext_net |
| 172.168.149.157 | 5166613f-90dd-4d1b-b79c-41497215746c | 172.168.5.15 | ext_net |
+-----------------+--------------------------------------+--------------+---------+

[root@controllernode ~(wuxi_it)]$ nova list
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| ID                                   | Name             | Status | Task State | Power State | Networks                                                           |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test   | ACTIVE | None       | Running     | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
| d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None       | Running     | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9                   |
| 5166613f-90dd-4d1b-b79c-41497215746c | Cirros_3.1_test  | ACTIVE | None       | Running     | ext_net=172.168.149.162; wuxi_it-net=172.168.5.15, 172.168.149.157 |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+

   We find we can ping this public IP now.
  
   For 1st test, check in NetworkNode:
-A quantum-l3-agent-OUTPUT -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
-A quantum-l3-agent-OUTPUT -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
-A quantum-l3-agent-OUTPUT -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.13
-A quantum-l3-agent-POSTROUTING ! -i qg-6cd6c622-34 ! -o qg-6cd6c622-34 -m conntrack ! --ctstate DNAT -j ACCEPT
-A quantum-l3-agent-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697
-A quantum-l3-agent-PREROUTING -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
-A quantum-l3-agent-PREROUTING -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
-A quantum-l3-agent-PREROUTING -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.13
-A quantum-l3-agent-float-snat -s 172.168.5.11/32 -j SNAT --to-source 172.168.149.155
-A quantum-l3-agent-float-snat -s 172.168.5.12/32 -j SNAT --to-source 172.168.149.156
-A quantum-l3-agent-float-snat -s 172.168.5.13/32 -j SNAT --to-source 172.168.149.157
-A quantum-l3-agent-snat -j quantum-l3-agent-float-snat
-A quantum-l3-agent-snat -s 172.168.5.0/24 -j SNAT --to-source 172.168.149.153
-A quantum-postrouting-bottom -j quantum-l3-agent-snat
COMMIT
# Completed on Fri Dec 27 11:42:48 2013
[root@NetworkNode ~]# ping 172.168.149.157
PING 172.168.149.157 (172.168.149.157) 56(84) bytes of data.
^C
--- 172.168.149.157 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2526ms

[root@NetworkNode ~]# ping 172.168.149.156

PING 172.168.149.156 (172.168.149.156) 56(84) bytes of data.
64 bytes from 172.168.149.156: icmp_seq=1 ttl=127 time=2.27 ms

^C
--- 172.168.149.156 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 749ms
rtt min/avg/max/mdev = 2.271/2.271/2.271/0.000 ms
[root@NetworkNode ~]# ping 172.168.149.157
PING 172.168.149.157 (172.168.149.157) 56(84) bytes of data.
^C
--- 172.168.149.157 ping statistics ---
39 packets transmitted, 0 received, 100% packet loss, time 38935ms


    For 2nd test, check in NetworkNode:
-A quantum-l3-agent-OUTPUT -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
-A quantum-l3-agent-OUTPUT -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
-A quantum-l3-agent-OUTPUT -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.15
-A quantum-l3-agent-POSTROUTING ! -i qg-6cd6c622-34 ! -o qg-6cd6c622-34 -m conntrack ! --ctstate DNAT -j ACCEPT
-A quantum-l3-agent-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697
-A quantum-l3-agent-PREROUTING -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
-A quantum-l3-agent-PREROUTING -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
-A quantum-l3-agent-PREROUTING -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.15
-A quantum-l3-agent-float-snat -s 172.168.5.11/32 -j SNAT --to-source 172.168.149.155
-A quantum-l3-agent-float-snat -s 172.168.5.12/32 -j SNAT --to-source 172.168.149.156
-A quantum-l3-agent-float-snat -s 172.168.5.15/32 -j SNAT --to-source 172.168.149.157
-A quantum-l3-agent-snat -j quantum-l3-agent-float-snat
-A quantum-l3-agent-snat -s 172.168.5.0/24 -j SNAT --to-source 172.168.149.153
-A quantum-postrouting-bottom -j quantum-l3-agent-snat
COMMIT
# Completed on Fri Dec 27 11:50:43 2013
[root@NetworkNode ~]# ping 172.168.149.157
PING 172.168.149.157 (172.168.149.157) 56(84) bytes of data.
64 bytes from 172.168.149.157: icmp_seq=1 ttl=63 time=1.80 ms
64 bytes from 172.168.149.157: icmp_seq=2 ttl=63 time=0.636 ms
^C
--- 172.168.149.157 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1438ms
rtt min/avg/max/mdev = 0.636/1.219/1.803/0.584 ms
 
    It seems very waste IP address in IP pool.

** Affects: nova
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1266983

Title:
  Grizzly 2013.1.4 's NOVA Waste PublicIP

Status in OpenStack Compute (Nova):
  New

Bug description:
  192.168.0.0/24 is Manage IP
  172.168.149.0/24 is Public IP
  172.5.5.0/24 is VM Fix IP
    
  1.We boot a VM only link to private network without public network,
  [root@controllernode ~(wuxi_it)]$ nova list
  +--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
  | ID                                   | Name             | Status | Task State | Power State | Networks                                                           |
  +--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
  | 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test   | ACTIVE | None       | Running     | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
  | d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None       | Running     | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9                   |
  | acd5c695-85c3-4e89-8730-e0badf487a5a | cirros_test      | ACTIVE | None       | Running     | wuxi_it-net=172.168.5.13                                           |
  +--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+

    2.We assign a floating-ip to this VM
  [root@controllernode ~(wuxi_it)]$ nova add-floating-ip cirros_test 172.168.149.157

  [root@controllernode ~(wuxi_it)]$ nova list
  +--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
  | ID                                   | Name             | Status | Task State | Power State | Networks                                                           |
  +--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
  | 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test   | ACTIVE | None       | Running     | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
  | d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None       | Running     | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9                   |
  | acd5c695-85c3-4e89-8730-e0badf487a5a | cirros_test      | ACTIVE | None       | Running     | wuxi_it-net=172.168.5.13, 172.168.149.157                          |
  +--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+

       We find we can't ping this IP:172.168.149.157

     3.We boot a VM with both private and public network and assign same floating-ip to this VM
  [root@controllernode ~(wuxi_it)]$ nova list
  +--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
  | ID                                   | Name             | Status | Task State | Power State | Networks                                                           |
  +--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
  | 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test   | ACTIVE | None       | Running     | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
  | d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None       | Running     | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9                   |
  | 5166613f-90dd-4d1b-b79c-41497215746c | Cirros_3.1_test  | BUILD  | spawning   | NOSTATE     | ext_net=172.168.149.162; wuxi_it-net=172.168.5.15                  |
  +--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
  [root@controllernode ~(wuxi_it)]$ nova floating-ip-list
  +-----------------+--------------------------------------+--------------+---------+
  | Ip              | Instance Id                          | Fixed Ip     | Pool    |
  +-----------------+--------------------------------------+--------------+---------+
  | 172.168.149.155 | 786b8958-2a77-4a3c-89c9-35fbce1b6391 | 172.168.5.11 | ext_net |
  | 172.168.149.156 | 98d31755-1e92-4217-8247-b2be88978475 | 172.168.5.12 | ext_net |
  | 172.168.149.157 | None                                 | None         | ext_net |
  +-----------------+--------------------------------------+--------------+---------+
  [root@controllernode ~(wuxi_it)]$ nova add-floating-ip  Cirros_3.1_test 172.168.149.157

  [root@controllernode ~(wuxi_it)]$ nova floating-ip-list
  +-----------------+--------------------------------------+--------------+---------+
  | Ip              | Instance Id                          | Fixed Ip     | Pool    |
  +-----------------+--------------------------------------+--------------+---------+
  | 172.168.149.155 | 786b8958-2a77-4a3c-89c9-35fbce1b6391 | 172.168.5.11 | ext_net |
  | 172.168.149.156 | 98d31755-1e92-4217-8247-b2be88978475 | 172.168.5.12 | ext_net |
  | 172.168.149.157 | 5166613f-90dd-4d1b-b79c-41497215746c | 172.168.5.15 | ext_net |
  +-----------------+--------------------------------------+--------------+---------+

  [root@controllernode ~(wuxi_it)]$ nova list
  +--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
  | ID                                   | Name             | Status | Task State | Power State | Networks                                                           |
  +--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
  | 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test   | ACTIVE | None       | Running     | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
  | d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None       | Running     | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9                   |
  | 5166613f-90dd-4d1b-b79c-41497215746c | Cirros_3.1_test  | ACTIVE | None       | Running     | ext_net=172.168.149.162; wuxi_it-net=172.168.5.15, 172.168.149.157 |
  +--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+

     We find we can ping this public IP now.
    
     For 1st test, check in NetworkNode:
  -A quantum-l3-agent-OUTPUT -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
  -A quantum-l3-agent-OUTPUT -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
  -A quantum-l3-agent-OUTPUT -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.13
  -A quantum-l3-agent-POSTROUTING ! -i qg-6cd6c622-34 ! -o qg-6cd6c622-34 -m conntrack ! --ctstate DNAT -j ACCEPT
  -A quantum-l3-agent-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697
  -A quantum-l3-agent-PREROUTING -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
  -A quantum-l3-agent-PREROUTING -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
  -A quantum-l3-agent-PREROUTING -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.13
  -A quantum-l3-agent-float-snat -s 172.168.5.11/32 -j SNAT --to-source 172.168.149.155
  -A quantum-l3-agent-float-snat -s 172.168.5.12/32 -j SNAT --to-source 172.168.149.156
  -A quantum-l3-agent-float-snat -s 172.168.5.13/32 -j SNAT --to-source 172.168.149.157
  -A quantum-l3-agent-snat -j quantum-l3-agent-float-snat
  -A quantum-l3-agent-snat -s 172.168.5.0/24 -j SNAT --to-source 172.168.149.153
  -A quantum-postrouting-bottom -j quantum-l3-agent-snat
  COMMIT
  # Completed on Fri Dec 27 11:42:48 2013
  [root@NetworkNode ~]# ping 172.168.149.157
  PING 172.168.149.157 (172.168.149.157) 56(84) bytes of data.
  ^C
  --- 172.168.149.157 ping statistics ---
  3 packets transmitted, 0 received, 100% packet loss, time 2526ms

  [root@NetworkNode ~]# ping 172.168.149.156

  PING 172.168.149.156 (172.168.149.156) 56(84) bytes of data.
  64 bytes from 172.168.149.156: icmp_seq=1 ttl=127 time=2.27 ms

  ^C
  --- 172.168.149.156 ping statistics ---
  1 packets transmitted, 1 received, 0% packet loss, time 749ms
  rtt min/avg/max/mdev = 2.271/2.271/2.271/0.000 ms
  [root@NetworkNode ~]# ping 172.168.149.157
  PING 172.168.149.157 (172.168.149.157) 56(84) bytes of data.
  ^C
  --- 172.168.149.157 ping statistics ---
  39 packets transmitted, 0 received, 100% packet loss, time 38935ms

  
      For 2nd test, check in NetworkNode:
  -A quantum-l3-agent-OUTPUT -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
  -A quantum-l3-agent-OUTPUT -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
  -A quantum-l3-agent-OUTPUT -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.15
  -A quantum-l3-agent-POSTROUTING ! -i qg-6cd6c622-34 ! -o qg-6cd6c622-34 -m conntrack ! --ctstate DNAT -j ACCEPT
  -A quantum-l3-agent-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697
  -A quantum-l3-agent-PREROUTING -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
  -A quantum-l3-agent-PREROUTING -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
  -A quantum-l3-agent-PREROUTING -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.15
  -A quantum-l3-agent-float-snat -s 172.168.5.11/32 -j SNAT --to-source 172.168.149.155
  -A quantum-l3-agent-float-snat -s 172.168.5.12/32 -j SNAT --to-source 172.168.149.156
  -A quantum-l3-agent-float-snat -s 172.168.5.15/32 -j SNAT --to-source 172.168.149.157
  -A quantum-l3-agent-snat -j quantum-l3-agent-float-snat
  -A quantum-l3-agent-snat -s 172.168.5.0/24 -j SNAT --to-source 172.168.149.153
  -A quantum-postrouting-bottom -j quantum-l3-agent-snat
  COMMIT
  # Completed on Fri Dec 27 11:50:43 2013
  [root@NetworkNode ~]# ping 172.168.149.157
  PING 172.168.149.157 (172.168.149.157) 56(84) bytes of data.
  64 bytes from 172.168.149.157: icmp_seq=1 ttl=63 time=1.80 ms
  64 bytes from 172.168.149.157: icmp_seq=2 ttl=63 time=0.636 ms
  ^C
  --- 172.168.149.157 ping statistics ---
  2 packets transmitted, 2 received, 0% packet loss, time 1438ms
  rtt min/avg/max/mdev = 0.636/1.219/1.803/0.584 ms
   
      It seems very waste IP address in IP pool.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1266983/+subscriptions


Follow ups

References