yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #14190
[Bug 1316739] [NEW] Exception is thrown while creating a ipsec site conenction if vpn service doesnot have router gateway set(removing the router gateway after the vpn service creation)
Public bug reported:
Steps to Reproduce:
1.Create two site with vpn service,vpn ike policy,ipsec policy and ipsec site connection.
2. Make sure the vm across the sit are able to ping each other with successfully tunnel creation .
3.Check the status of the operation on both the sites all the status should be in active state.
4. Clear the gateway for the router created
neutron router-list
+--------------------------------------+------+-----------------------------------------------------------------------------+
| id | name | external_gateway_info |
+--------------------------------------+------+-----------------------------------------------------------------------------+
| 809d32bf-1edb-4d47-951a-f9386a1d9a77 | r1 | {"network_id": "b681f56b-7704-498d-8f5b-66d68b3f8be1", "enable_snat": true} |
+--------------------------------------+------+-----------------------------------------------------------------------------+
neutron router-gateway-clear r1
Removed gateway from router r1
5, Now create a ipsec-site-connection with the vpn service with no gateway associated
neutron ipsec-site-connection-create --name vpnconnection1 --vpnservice-id myvpn1 --ikepolicy-id ikepolicy1 --ipsecpolicy-id ipsecpolicy1 --peer-address $Peer_address2 --peer-id $Peer_address2 --peer-cidr 11.11.1.0/24 --psk secret
Created a new ipsec_site_connection:
+----------------+----------------------------------------------------+
| Field | Value |
+----------------+----------------------------------------------------+
| admin_state_up | True |
| auth_mode | psk |
| description | |
| dpd | {"action": "hold", "interval": 30, "timeout": 120} |
| id | c8e8f44a-bf14-4b70-a80a-70a52a88cee2 |
| ikepolicy_id | 974fa021-604e-4ebb-9ef0-8a596efc8711 |
| initiator | bi-directional |
| ipsecpolicy_id | feb52f48-cae7-42d5-b32d-abb25f8502b3 |
| mtu | 1500 |
| name | vpnconnection1 |
| peer_address | $Peer_address2 |
| peer_cidrs | 11.11.1.0/24 |
| peer_id | $Peer_address2 |
| psk | secret |
| route_mode | static |
| status | PENDING_CREATE |
| tenant_id | 9d199ee4597649a6886578c565e933bc |
| vpnservice_id | 7ed4edc3-38aa-432a-bdc6-6778aee60e50 |
Check the log.
2014-05-02 12:53:11.774 31447 ERROR neutron.openstack.common.rpc.amqp [req-7cf2eb54-9198-4e1f-8baf-4c868d035277 None] Exception during message handling
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp Traceback (most recent call last):
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp File "/usr/lib/python2.7/dist-packages/neutron/openstack/common/rpc/amqp.py", line 462, in _process_data
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp **args)
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp File "/usr/lib/python2.7/dist-packages/neutron/common/rpc.py", line 45, in dispatch
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp neutron_ctxt, version, method, namespace, **kwargs)
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp File "/usr/lib/python2.7/dist-packages/neutron/openstack/common/rpc/dispatcher.py", line 172, in dispatch
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp result = getattr(proxyobj, method)(ctxt, **kwargs)
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp File "/usr/lib/python2.7/dist-packages/neutron/services/vpn/service_drivers/ipsec.py", line 52, in get_vpn_services_on_host
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp for vpnservice in vpnservices]
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp File "/usr/lib/python2.7/dist-packages/neutron/services/vpn/service_drivers/ipsec.py", line 142, in _make_vpnservice_dict
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp 'fixed_ips'][0]['ip_address']
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp TypeError: 'NoneType' object has no attribute '__getitem__'
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp
Actual Results: Server log show Exception during message handling. VPNaaS doesn't consider subnet interface or router gateway removal operation after vpnservice is created
Expected Results: VPNaaS should consider subnet interface or router gateway removal operation after vpnservice is created
Launchpad bug fix might resolve the problem:
https://bugs.launchpad.net/neutron/+bug/1261598
** Affects: neutron
Importance: Undecided
Status: New
** Attachment added: "server.zip"
https://bugs.launchpad.net/bugs/1316739/+attachment/4106686/+files/server.zip
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1316739
Title:
Exception is thrown while creating a ipsec site conenction if vpn
service doesnot have router gateway set(removing the router gateway
after the vpn service creation)
Status in OpenStack Neutron (virtual network service):
New
Bug description:
Steps to Reproduce:
1.Create two site with vpn service,vpn ike policy,ipsec policy and ipsec site connection.
2. Make sure the vm across the sit are able to ping each other with successfully tunnel creation .
3.Check the status of the operation on both the sites all the status should be in active state.
4. Clear the gateway for the router created
neutron router-list
+--------------------------------------+------+-----------------------------------------------------------------------------+
| id | name | external_gateway_info |
+--------------------------------------+------+-----------------------------------------------------------------------------+
| 809d32bf-1edb-4d47-951a-f9386a1d9a77 | r1 | {"network_id": "b681f56b-7704-498d-8f5b-66d68b3f8be1", "enable_snat": true} |
+--------------------------------------+------+-----------------------------------------------------------------------------+
neutron router-gateway-clear r1
Removed gateway from router r1
5, Now create a ipsec-site-connection with the vpn service with no gateway associated
neutron ipsec-site-connection-create --name vpnconnection1 --vpnservice-id myvpn1 --ikepolicy-id ikepolicy1 --ipsecpolicy-id ipsecpolicy1 --peer-address $Peer_address2 --peer-id $Peer_address2 --peer-cidr 11.11.1.0/24 --psk secret
Created a new ipsec_site_connection:
+----------------+----------------------------------------------------+
| Field | Value |
+----------------+----------------------------------------------------+
| admin_state_up | True |
| auth_mode | psk |
| description | |
| dpd | {"action": "hold", "interval": 30, "timeout": 120} |
| id | c8e8f44a-bf14-4b70-a80a-70a52a88cee2 |
| ikepolicy_id | 974fa021-604e-4ebb-9ef0-8a596efc8711 |
| initiator | bi-directional |
| ipsecpolicy_id | feb52f48-cae7-42d5-b32d-abb25f8502b3 |
| mtu | 1500 |
| name | vpnconnection1 |
| peer_address | $Peer_address2 |
| peer_cidrs | 11.11.1.0/24 |
| peer_id | $Peer_address2 |
| psk | secret |
| route_mode | static |
| status | PENDING_CREATE |
| tenant_id | 9d199ee4597649a6886578c565e933bc |
| vpnservice_id | 7ed4edc3-38aa-432a-bdc6-6778aee60e50 |
Check the log.
2014-05-02 12:53:11.774 31447 ERROR neutron.openstack.common.rpc.amqp [req-7cf2eb54-9198-4e1f-8baf-4c868d035277 None] Exception during message handling
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp Traceback (most recent call last):
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp File "/usr/lib/python2.7/dist-packages/neutron/openstack/common/rpc/amqp.py", line 462, in _process_data
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp **args)
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp File "/usr/lib/python2.7/dist-packages/neutron/common/rpc.py", line 45, in dispatch
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp neutron_ctxt, version, method, namespace, **kwargs)
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp File "/usr/lib/python2.7/dist-packages/neutron/openstack/common/rpc/dispatcher.py", line 172, in dispatch
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp result = getattr(proxyobj, method)(ctxt, **kwargs)
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp File "/usr/lib/python2.7/dist-packages/neutron/services/vpn/service_drivers/ipsec.py", line 52, in get_vpn_services_on_host
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp for vpnservice in vpnservices]
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp File "/usr/lib/python2.7/dist-packages/neutron/services/vpn/service_drivers/ipsec.py", line 142, in _make_vpnservice_dict
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp 'fixed_ips'][0]['ip_address']
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp TypeError: 'NoneType' object has no attribute '__getitem__'
2014-05-02 12:53:11.774 31447 TRACE neutron.openstack.common.rpc.amqp
Actual Results: Server log show Exception during message handling. VPNaaS doesn't consider subnet interface or router gateway removal operation after vpnservice is created
Expected Results: VPNaaS should consider subnet interface or router gateway removal operation after vpnservice is created
Launchpad bug fix might resolve the problem:
https://bugs.launchpad.net/neutron/+bug/1261598
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1316739/+subscriptions
Follow ups
References
