← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #39167

[Bug 1499812] [NEW] VM can't get an IP via DHCP when booting with a port that has port security disabled

  Thread PreviousDate PreviousThread Next 
Public bug reported:

To reproduce:

 - create a port with port security disabled

    neutron port-create private --port-security-enabled=False --name
rawport

 - boot a vm with the port

    nova boot --flavor=1 --image=cirros-0.3.4-x86_64-uec --nic port-
id=$(neutron port-show -f value -F id rawport) vm1

The VM boots, seemingly successfully, but is not reachable.  Examining
the VM's console.log shows that the VM failed to acquire a dhcp lease
despite multiple tries.

There is a workaround of sorts.  It is possible to boot a VM with port
security enabled, and then disable port security once it has acquired a
dhcp lease:

    nova boot --flavor=1 --image=cirros-0.3.4-x86_64-uec vm2
    neutron port-update --security-groups= [port id]
    neutron port-update --port-security-enabled=false [port id]

This results in the VM both having connectivity and being able to send
traffic for ip/mac pairs not associated with the port.  However, a
reboot would again result in a VM unable to acquire a dhcp lease.

** Affects: neutron
     Importance: Undecided
         Status: New

** Summary changed:

- VM can't get an IP via DHCP when booting with a port that has pot security disabled
+ VM can't get an IP via DHCP when booting with a port that has port security disabled

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1499812

Title:
  VM can't get an IP via DHCP when booting with a port that has port
  security disabled

Status in neutron:
  New

Bug description:
  To reproduce:

   - create a port with port security disabled

      neutron port-create private --port-security-enabled=False --name
  rawport

   - boot a vm with the port

      nova boot --flavor=1 --image=cirros-0.3.4-x86_64-uec --nic port-
  id=$(neutron port-show -f value -F id rawport) vm1

  The VM boots, seemingly successfully, but is not reachable.  Examining
  the VM's console.log shows that the VM failed to acquire a dhcp lease
  despite multiple tries.

  There is a workaround of sorts.  It is possible to boot a VM with port
  security enabled, and then disable port security once it has acquired
  a dhcp lease:

      nova boot --flavor=1 --image=cirros-0.3.4-x86_64-uec vm2
      neutron port-update --security-groups= [port id]
      neutron port-update --port-security-enabled=false [port id]

  This results in the VM both having connectivity and being able to send
  traffic for ip/mac pairs not associated with the port.  However, a
  reboot would again result in a VM unable to acquire a dhcp lease.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1499812/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next