yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #28734
[Bug 1424760] [NEW] SLAAC/DHCPv6-stateless subnets can be deleted with router ports still in-use
Public bug reported:
SLAAC and DHCPv6-stateless subnets can be deleted using the subnet-
delete command even when they still have associated internal router
ports. This causes the subnet to be deleted from the Neutron database,
yet in reality the subnet still exists with radvd continuing to
advertise the prefix to clients on the network. Calling subnet-delete on
a subnet that still has internal router ports should result in an error.
=======================
=======================
Steps to reproduce:
=======================
=======================
====================================
1. Create a slaac or dhcpv6-stateless subnet
====================================
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron subnet-create --ip-version 6 --ipv6-ra-mode slaac --ipv6-address-mode slaac --name subv6 private cafe::/64
Created a new subnet:
+-------------------+----------------------------------------------------------+
| Field | Value |
+-------------------+----------------------------------------------------------+
| allocation_pools | {"start": "cafe::2", "end": "cafe::ffff:ffff:ffff:fffe"} |
| cidr | cafe::/64 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | cafe::1 |
| host_routes | |
| id | f878a81c-3fdf-46f1-9719-fdbdb314d822 |
| ip_version | 6 |
| ipv6_address_mode | slaac |
| ipv6_ra_mode | slaac |
| name | subv6 |
| network_id | 77b850fd-8f87-4001-aa2e-6375a87b9598 |
| tenant_id | dc748d64a2fc4ec798e9a16d5f6cb444 |
+-------------------+----------------------------------------------------------+
====================================
2. Create a router interface using this subnet
====================================
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron router-interface-add router1 subv6
Added interface e86154dd-fee6-435d-8065-55cf4b2ae860 to router router1.
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron router-port-list router1
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
| 31640bf5-5533-4ca4-b04c-d9808be385b2 | | fa:16:3e:96:41:b7 | {"subnet_id": "46659d0b-230f-49a0-8fea-2156a67f099f", "ip_address": "2001:420:2c50:200a::1"}
| e86154dd-fee6-435d-8065-55cf4b2ae860 | | fa:16:3e:c3:5a:3e | {"subnet_id": "f878a81c-3fdf-46f1-9719-fdbdb314d822", "ip_address": "cafe::1"} |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
=================
3. Delete the subnet
=================
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron subnet-delete subv6
Deleted subnet: subv6
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron router-port-list router1
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
| 31640bf5-5533-4ca4-b04c-d9808be385b2 | | fa:16:3e:96:41:b7 | {"subnet_id": "46659d0b-230f-49a0-8fea-2156a67f099f", "ip_address": "2001:420:2c50:200a::1"} |
| e86154dd-fee6-435d-8065-55cf4b2ae860 | | fa:16:3e:c3:5a:3e | |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
Subnet is deleted from the router port in Neutron. Subnet still exists in the router namespace:
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ sudo ip netns exec qrouter-72222950-cbad-487a-9b43-18f739bf492e ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
qg-31640bf5-55 Link encap:Ethernet HWaddr fa:16:3e:96:41:b7
inet6 addr: fe80::f816:3eff:fe96:41b7/64 Scope:Link
inet6 addr: 2001:420:2c50:200a::1/64 Scope:Global
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:1134 (1.1 KB)
qr-e86154dd-fe Link encap:Ethernet HWaddr fa:16:3e:c3:5a:3e
inet6 addr: fe80::f816:3eff:fec3:5a3e/64 Scope:Link
inet6 addr: cafe::1/64 Scope:Global
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:46 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5060 (5.0 KB) TX bytes:1294 (1.2 KB)
RADVD continues to advertise this prefix.
** Affects: neutron
Importance: Undecided
Assignee: Andrew Boik (drewboik)
Status: New
** Tags: ipv6 juno-backport-potential
** Changed in: neutron
Assignee: (unassigned) => Andrew Boik (drewboik)
** Description changed:
SLAAC and DHCPv6-stateless subnets can be deleted using the subnet-
delete command even when they still have associated internal router
ports. This causes the subnet to be deleted from the Neutron database,
yet in reality the subnet still exists with radvd continuing to
advertise the prefix to clients on the network. Calling subnet-delete on
a subnet that still has internal router ports should result in an error.
=======================
=======================
- === Steps to reproduce: ===
+ Steps to reproduce:
=======================
=======================
====================================
1. Create a slaac or dhcpv6-stateless subnet
====================================
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron subnet-create --ip-version 6 --ipv6-ra-mode slaac --ipv6-address-mode slaac --name subv6 private cafe::/64
Created a new subnet:
+-------------------+----------------------------------------------------------+
| Field | Value |
+-------------------+----------------------------------------------------------+
| allocation_pools | {"start": "cafe::2", "end": "cafe::ffff:ffff:ffff:fffe"} |
| cidr | cafe::/64 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | cafe::1 |
| host_routes | |
| id | f878a81c-3fdf-46f1-9719-fdbdb314d822 |
| ip_version | 6 |
| ipv6_address_mode | slaac |
| ipv6_ra_mode | slaac |
| name | subv6 |
| network_id | 77b850fd-8f87-4001-aa2e-6375a87b9598 |
| tenant_id | dc748d64a2fc4ec798e9a16d5f6cb444 |
+-------------------+----------------------------------------------------------+
====================================
2. Create a router interface using this subnet
====================================
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron router-interface-add router1 subv6
Added interface e86154dd-fee6-435d-8065-55cf4b2ae860 to router router1.
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron router-port-list router1
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
- | 31640bf5-5533-4ca4-b04c-d9808be385b2 | | fa:16:3e:96:41:b7 | {"subnet_id": "46659d0b-230f-49a0-8fea-2156a67f099f", "ip_address": "2001:420:2c50:200a::1"}
+ | 31640bf5-5533-4ca4-b04c-d9808be385b2 | | fa:16:3e:96:41:b7 | {"subnet_id": "46659d0b-230f-49a0-8fea-2156a67f099f", "ip_address": "2001:420:2c50:200a::1"}
| e86154dd-fee6-435d-8065-55cf4b2ae860 | | fa:16:3e:c3:5a:3e | {"subnet_id": "f878a81c-3fdf-46f1-9719-fdbdb314d822", "ip_address": "cafe::1"} |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
=================
3. Delete the subnet
=================
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron subnet-delete subv6
Deleted subnet: subv6
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron router-port-list router1
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
| 31640bf5-5533-4ca4-b04c-d9808be385b2 | | fa:16:3e:96:41:b7 | {"subnet_id": "46659d0b-230f-49a0-8fea-2156a67f099f", "ip_address": "2001:420:2c50:200a::1"} |
| e86154dd-fee6-435d-8065-55cf4b2ae860 | | fa:16:3e:c3:5a:3e | |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
-
Subnet is deleted from the router port in Neutron. Subnet still exists in the router namespace:
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ sudo ip netns exec qrouter-72222950-cbad-487a-9b43-18f739bf492e ifconfig
- lo Link encap:Local Loopback
- inet addr:127.0.0.1 Mask:255.0.0.0
- inet6 addr: ::1/128 Scope:Host
- UP LOOPBACK RUNNING MTU:65536 Metric:1
- RX packets:0 errors:0 dropped:0 overruns:0 frame:0
- TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:0
- RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
+ lo Link encap:Local Loopback
+ inet addr:127.0.0.1 Mask:255.0.0.0
+ inet6 addr: ::1/128 Scope:Host
+ UP LOOPBACK RUNNING MTU:65536 Metric:1
+ RX packets:0 errors:0 dropped:0 overruns:0 frame:0
+ TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
+ collisions:0 txqueuelen:0
+ RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
- qg-31640bf5-55 Link encap:Ethernet HWaddr fa:16:3e:96:41:b7
- inet6 addr: fe80::f816:3eff:fe96:41b7/64 Scope:Link
- inet6 addr: 2001:420:2c50:200a::1/64 Scope:Global
- UP BROADCAST RUNNING MTU:1500 Metric:1
- RX packets:0 errors:0 dropped:0 overruns:0 frame:0
- TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:0
- RX bytes:0 (0.0 B) TX bytes:1134 (1.1 KB)
+ qg-31640bf5-55 Link encap:Ethernet HWaddr fa:16:3e:96:41:b7
+ inet6 addr: fe80::f816:3eff:fe96:41b7/64 Scope:Link
+ inet6 addr: 2001:420:2c50:200a::1/64 Scope:Global
+ UP BROADCAST RUNNING MTU:1500 Metric:1
+ RX packets:0 errors:0 dropped:0 overruns:0 frame:0
+ TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
+ collisions:0 txqueuelen:0
+ RX bytes:0 (0.0 B) TX bytes:1134 (1.1 KB)
- qr-e86154dd-fe Link encap:Ethernet HWaddr fa:16:3e:c3:5a:3e
- inet6 addr: fe80::f816:3eff:fec3:5a3e/64 Scope:Link
- inet6 addr: cafe::1/64 Scope:Global
- UP BROADCAST RUNNING MTU:1500 Metric:1
- RX packets:46 errors:0 dropped:0 overruns:0 frame:0
- TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:0
- RX bytes:5060 (5.0 KB) TX bytes:1294 (1.2 KB)
+ qr-e86154dd-fe Link encap:Ethernet HWaddr fa:16:3e:c3:5a:3e
+ inet6 addr: fe80::f816:3eff:fec3:5a3e/64 Scope:Link
+ inet6 addr: cafe::1/64 Scope:Global
+ UP BROADCAST RUNNING MTU:1500 Metric:1
+ RX packets:46 errors:0 dropped:0 overruns:0 frame:0
+ TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
+ collisions:0 txqueuelen:0
+ RX bytes:5060 (5.0 KB) TX bytes:1294 (1.2 KB)
RADVD continues to advertise this prefix.
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1424760
Title:
SLAAC/DHCPv6-stateless subnets can be deleted with router ports still
in-use
Status in OpenStack Neutron (virtual network service):
New
Bug description:
SLAAC and DHCPv6-stateless subnets can be deleted using the subnet-
delete command even when they still have associated internal router
ports. This causes the subnet to be deleted from the Neutron database,
yet in reality the subnet still exists with radvd continuing to
advertise the prefix to clients on the network. Calling subnet-delete
on a subnet that still has internal router ports should result in an
error.
=======================
=======================
Steps to reproduce:
=======================
=======================
====================================
1. Create a slaac or dhcpv6-stateless subnet
====================================
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron subnet-create --ip-version 6 --ipv6-ra-mode slaac --ipv6-address-mode slaac --name subv6 private cafe::/64
Created a new subnet:
+-------------------+----------------------------------------------------------+
| Field | Value |
+-------------------+----------------------------------------------------------+
| allocation_pools | {"start": "cafe::2", "end": "cafe::ffff:ffff:ffff:fffe"} |
| cidr | cafe::/64 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | cafe::1 |
| host_routes | |
| id | f878a81c-3fdf-46f1-9719-fdbdb314d822 |
| ip_version | 6 |
| ipv6_address_mode | slaac |
| ipv6_ra_mode | slaac |
| name | subv6 |
| network_id | 77b850fd-8f87-4001-aa2e-6375a87b9598 |
| tenant_id | dc748d64a2fc4ec798e9a16d5f6cb444 |
+-------------------+----------------------------------------------------------+
====================================
2. Create a router interface using this subnet
====================================
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron router-interface-add router1 subv6
Added interface e86154dd-fee6-435d-8065-55cf4b2ae860 to router router1.
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron router-port-list router1
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
| 31640bf5-5533-4ca4-b04c-d9808be385b2 | | fa:16:3e:96:41:b7 | {"subnet_id": "46659d0b-230f-49a0-8fea-2156a67f099f", "ip_address": "2001:420:2c50:200a::1"}
| e86154dd-fee6-435d-8065-55cf4b2ae860 | | fa:16:3e:c3:5a:3e | {"subnet_id": "f878a81c-3fdf-46f1-9719-fdbdb314d822", "ip_address": "cafe::1"} |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
=================
3. Delete the subnet
=================
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron subnet-delete subv6
Deleted subnet: subv6
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ neutron router-port-list router1
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
| 31640bf5-5533-4ca4-b04c-d9808be385b2 | | fa:16:3e:96:41:b7 | {"subnet_id": "46659d0b-230f-49a0-8fea-2156a67f099f", "ip_address": "2001:420:2c50:200a::1"} |
| e86154dd-fee6-435d-8065-55cf4b2ae860 | | fa:16:3e:c3:5a:3e | |
+--------------------------------------+------+-------------------+----------------------------------------------------------------------------------------------+
Subnet is deleted from the router port in Neutron. Subnet still exists in the router namespace:
dboik@dboik-VirtualBox:/opt/stack/neutron/neutron$ sudo ip netns exec qrouter-72222950-cbad-487a-9b43-18f739bf492e ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
qg-31640bf5-55 Link encap:Ethernet HWaddr fa:16:3e:96:41:b7
inet6 addr: fe80::f816:3eff:fe96:41b7/64 Scope:Link
inet6 addr: 2001:420:2c50:200a::1/64 Scope:Global
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:1134 (1.1 KB)
qr-e86154dd-fe Link encap:Ethernet HWaddr fa:16:3e:c3:5a:3e
inet6 addr: fe80::f816:3eff:fec3:5a3e/64 Scope:Link
inet6 addr: cafe::1/64 Scope:Global
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:46 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5060 (5.0 KB) TX bytes:1294 (1.2 KB)
RADVD continues to advertise this prefix.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1424760/+subscriptions
Follow ups
References
