← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #30454

[Bug 1436267] [NEW] Removing bridge_mappings could lead to network broadcast storms

  Thread PreviousDate PreviousThread Next 
Public bug reported:

Old patch ports and openflow rules could lead to loops

https://bugzilla.redhat.com/show_bug.cgi?id=1205530#c24

Depending on the topology of your bridges for external networks.

In the referenced BZ, it seems that customer had a loop formed
over:

eth1->br-ex->br-int->br-ex2->eth2

Generally that traffic is tagged by br-int at entrance, but once
the bridge_mappings are cleared, and the agent is restarted
those flows go away, and NORMAL forwarding rules apply.


This situation could have been alleviated across reboots if 
the br-ex & br-ex2 was set to secure fail-mode when the agent
configures patch ports and openflow rules in both bridges.

I will propose a patch to do that.

** Affects: neutron
     Importance: Undecided
     Assignee: Miguel Angel Ajo (mangelajo)
         Status: New

** Changed in: neutron
     Assignee: (unassigned) => Miguel Angel Ajo (mangelajo)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1436267

Title:
  Removing bridge_mappings could lead to network broadcast storms

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  Old patch ports and openflow rules could lead to loops

  https://bugzilla.redhat.com/show_bug.cgi?id=1205530#c24

  Depending on the topology of your bridges for external networks.

  In the referenced BZ, it seems that customer had a loop formed
  over:

  eth1->br-ex->br-int->br-ex2->eth2

  Generally that traffic is tagged by br-int at entrance, but once
  the bridge_mappings are cleared, and the agent is restarted
  those flows go away, and NORMAL forwarding rules apply.

  
  This situation could have been alleviated across reboots if 
  the br-ex & br-ex2 was set to secure fail-mode when the agent
  configures patch ports and openflow rules in both bridges.

  I will propose a patch to do that.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1436267/+subscriptions

Follow ups

References

  Thread PreviousDate PreviousThread Next