yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1240066] Re: cross tenant network polution post upgrade to Havana RC2

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1240066@xxxxxxxxxxxxxxxxxx>
Date: Mon, 07 Jul 2014 04:18:11 -0000
Reply-to: Bug 1240066 <1240066@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

[Expired for neutron because there has been no activity for 60 days.]

** Changed in: neutron
       Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1240066

Title:
  cross tenant network polution post upgrade to Havana RC2

Status in OpenStack Neutron (virtual network service):
  Expired

Bug description:
  We've been running Havana RC1 on our internal OpenStack deployment
  that we use for QA'ing OpenStack on Ubuntu fine since last week - it
  was running b3 prior to that; I bumped all of the packages to RC2 as
  available this morning (including neutron and nova) and promptly saw a
  whole raft of tenant network access issues which I think might be
  related to the same underlying cause.

  We run with Neutron OpenvSwitch plugin with GRE overlay networks.

  We run multiple tenants with the same IP address ranges accessed via
  servers assigned floating IP's; I noticed that I kept getting bumped
  from my access server and dug in a bit further in the l3 router
  namespace on the gateway node; the arp address of the server was
  switching to a port assigned to another tenants instance, indicating
  some sort of cross l2 network pollution between tenants.

  I appear to have cleaned this up by running:

     sudo neutron-ovs-cleanup

  on the compute host that had the other tenants instance and then hard
  rebooting all of the instances running on that host to re-connect all
  of the instances.

  I noticed alot of cruft on the integration bridge; this is taken from
  a host where I have not done the cleanups steps:

  ubuntu@ciguapa:~$ sudo ovs-vsctl show
  8aa44160-224e-41fe-9b54-92c9d3e779bb
      Bridge br-int
          Port "qvoff030e8d-73"
              tag: 4095
              Interface "qvoff030e8d-73"
          Port "tap15d5f03d-af"
              tag: 1
              Interface "tap15d5f03d-af"
          Port patch-tun
              Interface patch-tun
                  type: patch
                  options: {peer=patch-int}
          Port "qvo15d5f03d-af"
              Interface "qvo15d5f03d-af"
          Port "tapc143c034-e0"
              tag: 3
              Interface "tapc143c034-e0"
          Port "qvo1b3f5a5f-60"
              tag: 4095
              Interface "qvo1b3f5a5f-60"
          Port "qvod43a627c-a0"
              Interface "qvod43a627c-a0"
          Port "tapd43a627c-a0"
              tag: 2
              Interface "tapd43a627c-a0"
          Port "qvo8162d068-ce"
              tag: 4095
              Interface "qvo8162d068-ce"
          Port "qvoc143c034-e0"
              Interface "qvoc143c034-e0"
          Port br-int
              Interface br-int
                  type: internal
          Port "qvoc2e6f8a5-56"
              tag: 4095
              Interface "qvoc2e6f8a5-56"

  I guess this might be an artifact of upgrading from b3->RC1->RC2 but
  it feels pretty nasty to me.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1240066/+subscriptions