yahoo-eng-team team mailing list archive

[Darragh O'Reilly <1284684@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

https://github.com/openstack/neutron/blob/2702baed390d094b0eac07d0ae167ed236868d00/neutron/plugins/openvswitch/agent/ovs_neutron_agent.py#L1327

The ovs agent will currently accepts anything for local_ip, and sends it
to the plugin with the sync_tunnels rpc, and then all other agents will
try to make tunnel ports using it as the remote_ip. Then the only way to
get rid of it is to manually delete the row in the DB.

If tunneling is enabled, netaddr.IPAddress() could be used to validate
that local_ip is a proper IP address. Only IPv4 tunnels are currently
supported for GRE - not sure about VxLAN. Maybe a check that local_ip
actually exists on the host too.

** Affects: neutron
     Importance: Undecided
         Status: New


** Tags: low-hanging-fruit ovs

** Tags added: low-hanging-fruit ovs

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1284684

Title:
  local_ip should be validated when ovs-agent starts

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  https://github.com/openstack/neutron/blob/2702baed390d094b0eac07d0ae167ed236868d00/neutron/plugins/openvswitch/agent/ovs_neutron_agent.py#L1327

  The ovs agent will currently accepts anything for local_ip, and sends
  it to the plugin with the sync_tunnels rpc, and then all other agents
  will try to make tunnel ports using it as the remote_ip. Then the only
  way to get rid of it is to manually delete the row in the DB.

  If tunneling is enabled, netaddr.IPAddress() could be used to validate
  that local_ip is a proper IP address. Only IPv4 tunnels are currently
  supported for GRE - not sure about VxLAN. Maybe a check that local_ip
  actually exists on the host too.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1284684/+subscriptions