← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #36620

[Bug 1482554] [NEW] skip setting up firewall filters for ports not attached to any security groups

  Thread PreviousDate PreviousThread Next 
Public bug reported:

Not all neutron ports have security groups attached to them.
In OVS Neutron agent, when we try to process a newly discovered port (be it a compute or network), we get the port details from the server and then try to apply the firewall filters. 

But typically for network (DHCP and L3) ports, we do not have any
security groups associated. We can actually skip the setup_port_filters
for these ports, which can help us save RPC bandwidth and server
processing time.

In scaled environments, any resync in L2 agent which is serving huge
number of DHCP ports, is taking longer time because of this unnecessary
workflow. Same thing applies to agent restart scenario as well.

** Affects: neutron
     Importance: Undecided
     Assignee: Sudhakar Gariganti (sudhakar-gariganti)
         Status: New


** Tags: ml2 securitygroups

** Changed in: neutron
     Assignee: (unassigned) => Sudhakar Gariganti (sudhakar-gariganti)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1482554

Title:
  skip setting up firewall filters for ports not attached to any
  security groups

Status in neutron:
  New

Bug description:
  Not all neutron ports have security groups attached to them.
  In OVS Neutron agent, when we try to process a newly discovered port (be it a compute or network), we get the port details from the server and then try to apply the firewall filters. 

  But typically for network (DHCP and L3) ports, we do not have any
  security groups associated. We can actually skip the
  setup_port_filters for these ports, which can help us save RPC
  bandwidth and server processing time.

  In scaled environments, any resync in L2 agent which is serving huge
  number of DHCP ports, is taking longer time because of this
  unnecessary workflow. Same thing applies to agent restart scenario as
  well.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1482554/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next