yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1484690] Re: Incorrect metadata proxy route via router ip

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Cedric Brandily <1484690@xxxxxxxxxxxxxxxxxx>
Date: Mon, 05 Oct 2015 11:04:30 -0000
Reply-to: Bug 1484690 <1484690@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

*** This bug is a duplicate of bug 1483939 ***
    https://bugs.launchpad.net/bugs/1483939

** This bug has been marked a duplicate of bug 1483939
   Allow host route injection of metadata server IP via DHCP

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1484690

Title:
  Incorrect metadata proxy route via router ip

Status in neutron:
  In Progress

Bug description:
  A change [1] injected a direct route to metadata ip through a subnet's
  default gateway to avoid Windows mac resolution[2].

  Such change breaks the following usecase (typically used to separate admin/management traffic and user traffic):
    
      enable metadata on dhcp agents
      disable metadata on l3 agents
      create a subnet subnet-usr with a gateway and bind it to a router
      create a subnet subnet-adm without a gateway
      create VMs with an interface on each subnet

  because VMs get from subnet-adm the route:

   destination=169.254.169.254,nexthop=dhcp-ip

  and from subnet-usr the route:

   destination=169.254.169.254,nexthop=router-ip

  so VMs have 2 routes to 169.254.169.254:

    if they use subnet-run route then they get no response (metadata disabled on routers)
    if they use subnet-nsb route then they get a response (metadata enabled on dhcps)

  
  [1] https://review.openstack.org/187431
  [2] https://bugs.launchpad.net/neutron/+bug/1460793

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1484690/+subscriptions

References

[Bug 1484690] [NEW] Incorrect metadata proxy route via router ip
From: Cedric Brandily, 2015-08-13