yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #17228
[Bug 1341040] [NEW] neutron CLI should not allow user to create /32 subnet
Public bug reported:
I'm using devstack stable/icehouse, and my neutron version is
1409da70959496375f1ccccac45457663a918ec8
I created an internal network not connected to the router. If I mis-configure the subnet, Horizon will catch the problem, but not neutron CLI.
Subsequently VM cannot be created on this misconfigured subnet, as it ran out of IP to offer to the VM.
> neutron net-create test-net
Created a new network:
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| admin_state_up | True |
| id | b7bb10bb-48e0-4c1a-a5fc-9590b6619f5a |
| name | test-net |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | 8092813be8fd4122a20ee3a6bfe91162 |
+----------------+--------------------------------------+
If I use Horizon, go to "Networks", "test-net", "Create Subnet", then use parameters,
Subnet Name: subnet-1
Network Address: 10.10.150.0/32
IP Version: IPv4
Horizon returns the error message "The subnet in the Network Address is too small (/32)."
If I use neutron CLI,
> neutron subnet-create --name subnet-1 test-net 10.10.150.0/32
Created a new subnet:
+------------------+--------------------------------------+
| Field | Value |
+------------------+--------------------------------------+
| allocation_pools | |
| cidr | 10.10.150.0/32 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 10.10.150.1 |
| host_routes | |
| id | 4142ff1d-28de-4e77-b82b-89ae604190ae |
| ip_version | 4 |
| name | subnet-1 |
| network_id | b7bb10bb-48e0-4c1a-a5fc-9590b6619f5a |
| tenant_id | 8092813be8fd4122a20ee3a6bfe91162 |
+------------------+--------------------------------------+
> neutron net-list
+--------------------------------------+----------+-----------------------------------------------------+
| id | name | subnets |
+--------------------------------------+----------+-----------------------------------------------------+
| 0dd5722d-f535-42ec-9257-437c05e4de25 | private | 81859ee5-4ea5-4e60-ab2a-ba74146d39ba 10.0.0.0/24 |
| 27c1649d-f6fc-4893-837d-dbc293fc4b80 | public | 6c1836a1-eb7d-4acb-ad6f-6c394cedced5 |
| b7bb10bb-48e0-4c1a-a5fc-9590b6619f5a | test-net | 4142ff1d-28de-4e77-b82b-89ae604190ae 10.10.150.0/32 |
+--------------------------------------+----------+-----------------------------------------------------+
> nova boot --image cirros-0.3.1-x86_64-uec --flavor m1.tiny --nic net-id=b7bb10bb-48e0-4c1a-a5fc-9590b6619f5a vm2
:
:
> nova list
+--------------------------------------+------+--------+------------+-------------+------------------+
| ID | Name | Status | Task State | Power > State | Networks |
+--------------------------------------+------+--------+------------+-------------+------------------+
| d98511f7-452c-4ab6-8af9-d73576714c87 | vm1 | ACTIVE | - | Running | private=10.0.0.2 |
| b12b6a6d-4ab9-43b2-825c-ae656a7aafc4 | vm2 | ERROR | - | NOSTATE | |
+--------------------------------------+------+--------+------------+-------------+------------------+
I get this output from screen:
2014-07-11 18:37:32.327 DEBUG neutronclient.client [-] RESP:409
CaseInsensitiveDict({'date': 'Sat, 12 Jul 2014 01:37:32 GMT', 'content-
length': '164', 'content-type': 'application/json; charset=UTF-8', 'x
-openstack-request-id': 'req-35a49577-5a3d-4a98-a790-52694f09d59a'})
{"NeutronError": {"message": "No more IP addresses available on network
b7bb10bb-48e0-4c1a-a5fc-9590b6619f5a.", "type":
"IpAddressGenerationFailure", "detail": ""}}
2014-07-11 18:37:32.327 DEBUG neutronclient.v2_0.client [-] Error
message: {"NeutronError": {"message": "No more IP addresses available on
network b7bb10bb-48e0-4c1a-a5fc-9590b6619f5a.", "type":
"IpAddressGenerationFailure", "detail": ""}} from (pid=31896)
_handle_fault_response /opt/stack/python-
neutronclient/neutronclient/v2_0/client.py:1202`
** Affects: neutron
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1341040
Title:
neutron CLI should not allow user to create /32 subnet
Status in OpenStack Neutron (virtual network service):
New
Bug description:
I'm using devstack stable/icehouse, and my neutron version is
1409da70959496375f1ccccac45457663a918ec8
I created an internal network not connected to the router. If I mis-configure the subnet, Horizon will catch the problem, but not neutron CLI.
Subsequently VM cannot be created on this misconfigured subnet, as it ran out of IP to offer to the VM.
> neutron net-create test-net
Created a new network:
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| admin_state_up | True |
| id | b7bb10bb-48e0-4c1a-a5fc-9590b6619f5a |
| name | test-net |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | 8092813be8fd4122a20ee3a6bfe91162 |
+----------------+--------------------------------------+
If I use Horizon, go to "Networks", "test-net", "Create Subnet", then use parameters,
Subnet Name: subnet-1
Network Address: 10.10.150.0/32
IP Version: IPv4
Horizon returns the error message "The subnet in the Network Address is too small (/32)."
If I use neutron CLI,
> neutron subnet-create --name subnet-1 test-net 10.10.150.0/32
Created a new subnet:
+------------------+--------------------------------------+
| Field | Value |
+------------------+--------------------------------------+
| allocation_pools | |
| cidr | 10.10.150.0/32 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 10.10.150.1 |
| host_routes | |
| id | 4142ff1d-28de-4e77-b82b-89ae604190ae |
| ip_version | 4 |
| name | subnet-1 |
| network_id | b7bb10bb-48e0-4c1a-a5fc-9590b6619f5a |
| tenant_id | 8092813be8fd4122a20ee3a6bfe91162 |
+------------------+--------------------------------------+
> neutron net-list
+--------------------------------------+----------+-----------------------------------------------------+
| id | name | subnets |
+--------------------------------------+----------+-----------------------------------------------------+
| 0dd5722d-f535-42ec-9257-437c05e4de25 | private | 81859ee5-4ea5-4e60-ab2a-ba74146d39ba 10.0.0.0/24 |
| 27c1649d-f6fc-4893-837d-dbc293fc4b80 | public | 6c1836a1-eb7d-4acb-ad6f-6c394cedced5 |
| b7bb10bb-48e0-4c1a-a5fc-9590b6619f5a | test-net | 4142ff1d-28de-4e77-b82b-89ae604190ae 10.10.150.0/32 |
+--------------------------------------+----------+-----------------------------------------------------+
> nova boot --image cirros-0.3.1-x86_64-uec --flavor m1.tiny --nic net-id=b7bb10bb-48e0-4c1a-a5fc-9590b6619f5a vm2
:
:
> nova list
+--------------------------------------+------+--------+------------+-------------+------------------+
| ID | Name | Status | Task State | Power > State | Networks |
+--------------------------------------+------+--------+------------+-------------+------------------+
| d98511f7-452c-4ab6-8af9-d73576714c87 | vm1 | ACTIVE | - | Running | private=10.0.0.2 |
| b12b6a6d-4ab9-43b2-825c-ae656a7aafc4 | vm2 | ERROR | - | NOSTATE | |
+--------------------------------------+------+--------+------------+-------------+------------------+
I get this output from screen:
2014-07-11 18:37:32.327 DEBUG neutronclient.client [-] RESP:409
CaseInsensitiveDict({'date': 'Sat, 12 Jul 2014 01:37:32 GMT',
'content-length': '164', 'content-type': 'application/json;
charset=UTF-8', 'x-openstack-request-id': 'req-35a49577-5a3d-
4a98-a790-52694f09d59a'}) {"NeutronError": {"message": "No more IP
addresses available on network b7bb10bb-48e0-4c1a-a5fc-9590b6619f5a.",
"type": "IpAddressGenerationFailure", "detail": ""}}
2014-07-11 18:37:32.327 DEBUG neutronclient.v2_0.client [-] Error
message: {"NeutronError": {"message": "No more IP addresses available
on network b7bb10bb-48e0-4c1a-a5fc-9590b6619f5a.", "type":
"IpAddressGenerationFailure", "detail": ""}} from (pid=31896)
_handle_fault_response /opt/stack/python-
neutronclient/neutronclient/v2_0/client.py:1202`
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1341040/+subscriptions
Follow ups
References
