yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1209396] Re: dhcp-agent is too restrictive around metadata route injection

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Ihar Hrachyshka <1209396@xxxxxxxxxxxxxxxxxx>
Date: Wed, 07 Oct 2015 12:58:01 -0000
Reply-to: Bug 1209396 <1209396@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

*** This bug is a duplicate of bug 1483939 ***
    https://bugs.launchpad.net/bugs/1483939

** This bug has been marked a duplicate of bug 1483939
   Allow host route injection of metadata server IP via DHCP

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1209396

Title:
  dhcp-agent is too restrictive around metadata route injection

Status in neutron:
  Incomplete

Bug description:
  When using the enable_isolated_metadata flag, if gateway-ip is set
  (implicitly or explicitly), dnsmasq will not inject the metadata
  route, presumably under the assumption that a subnet with a gateway
  will rely on the router owning the gateway IP to handle metadata
  routing. However, in our deployments we have found many valid use-
  cases for subnets with external routers but internal metadata via the
  metadata-agent. It seems that this scenario is exactly what "isolated
  metadata" should entail, but the current code checks for
  enable_isolated_metadata and that gateway-ip is not set.

  There is an awkward workaround to have an external gateway-ip and
  metadata route injection, by passing the defaultroute as a static host
  route, disabling the gateway-ip attribute and adjusting the
  allocation-pool to account for the gateway IP, like so:

  subnet-create --no-gateway --host-route \
  destination=0.0.0.0/0,nexthop=x.x.x.1 --allocation-pool \
  start=x.x.x.2,end=x.x.x.254 net1 x.x.x.0/24

  Aside from the added complexity and administrative overhead of this
  workaround, it also fails entirely on certain images (such as the
  common Cirros image) using dhcp clients/configurations that don't
  understand the classless-static-route DHCP option, which is what
  --host-route uses, in addition to the metadata route injection. Given
  this limitation in such images, an acceptable compromise would be for
  at least the router-option to pass the default route always, and the
  metadata route to fail to be injected

  This gateway_ip check seems to be an unnecessary restriction.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1209396/+subscriptions