← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1532004] [NEW] gateway update restriction should apply only to router interfaces

 

Public bug reported:

The restriction that prevents a subnet's gateway IP from being updated
if it points to an IP in use by a port can get the subnet in a stuck
state without messing with a port if the wrong gateway_ip is set.

Take the following example:

administrator@13:35:25:~/code/neutron$ neutron subnet-create bojangles 10.0.0.0/24 --name=bojangles --allocation-pool start=10.0.0.3,end=10.0.0.250
Created a new subnet:
+-------------------+--------------------------------------------+
| Field             | Value                                      |
+-------------------+--------------------------------------------+
| allocation_pools  | {"start": "10.0.0.3", "end": "10.0.0.250"} |
| cidr              | 10.0.0.0/24                                |
| dns_nameservers   |                                            |
| enable_dhcp       | True                                       |
| gateway_ip        | 10.0.0.1                                   |
| host_routes       |                                            |
| id                | 21c9a4b3-a1d0-402f-8e1e-b463236cc612       |
| ip_version        | 4                                          |
| ipv6_address_mode |                                            |
| ipv6_ra_mode      |                                            |
| name              | bojangles                                  |
| network_id        | 3c6ca69c-7662-441e-abc3-7a104aa603a1       |
| subnetpool_id     |                                            |
| tenant_id         | de56db175c1d48b0bbe72f09a24a3b66           |
+-------------------+--------------------------------------------+

administrator@13:35:58:~/code/neutron$ neutron port-create bojangles --fixed-ip ip_address=10.0.0.2
Created a new port:
+-----------------------+--------------------------------------------------------------------------------------------------+
| Field                 | Value                                                                                            |
+-----------------------+--------------------------------------------------------------------------------------------------+
| admin_state_up        | True                                                                                             |
| allowed_address_pairs |                                                                                                  |
| binding:host_id       |                                                                                                  |
| binding:profile       | {}                                                                                               |
| binding:vif_details   | {}                                                                                               |
| binding:vif_type      | unbound                                                                                          |
| binding:vnic_type     | normal                                                                                           |
| device_id             |                                                                                                  |
| device_owner          |                                                                                                  |
| dns_assignment        | {"hostname": "host-10-0-0-2", "ip_address": "10.0.0.2", "fqdn": "host-10-0-0-2.openstacklocal."} |
| dns_name              |                                                                                                  |
| fixed_ips             | {"subnet_id": "21c9a4b3-a1d0-402f-8e1e-b463236cc612", "ip_address": "10.0.0.2"}                  |
| id                    | 3cc9c4a0-1ea7-4353-a5e0-f112adf5fad8                                                             |
| mac_address           | fa:16:3e:09:d2:29                                                                                |
| name                  |                                                                                                  |
| network_id            | 3c6ca69c-7662-441e-abc3-7a104aa603a1                                                             |
| port_security_enabled | True                                                                                             |
| security_groups       | fa5cdb36-85e1-4182-bd08-d2ad22b5eb5b                                                             |
| status                | DOWN                                                                                             |
| tenant_id             | de56db175c1d48b0bbe72f09a24a3b66                                                                 |
+-----------------------+--------------------------------------------------------------------------------------------------+
administrator@13:36:05:~/code/neutron$ neutron subnet-update bojangles --gateway_ip=10.0.0.2
Updated subnet: bojangles
administrator@13:36:14:~/code/neutron$ neutron subnet-update bojangles --gateway_ip=10.0.0.1
Current gateway ip 10.0.0.2 already in use by port 3cc9c4a0-1ea7-4353-a5e0-f112adf5fad8. Unable to update.


The subnet is now pinned to the 10.0.0.2 port so the user will have to destroy the port or update it's fixed IP before the subnet gateway can be changed. If the port belongs to an active VM, this is disruptive.

The restriction should be loosened to only apply to router ports, which
is what it was originally intended for
(https://bugs.launchpad.net/neutron/+bug/1186322).

** Affects: neutron
     Importance: Undecided
     Assignee: Kevin Benton (kevinbenton)
         Status: New

** Changed in: neutron
     Assignee: (unassigned) => Kevin Benton (kevinbenton)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1532004

Title:
  gateway update restriction should apply only to router interfaces

Status in neutron:
  New

Bug description:
  The restriction that prevents a subnet's gateway IP from being updated
  if it points to an IP in use by a port can get the subnet in a stuck
  state without messing with a port if the wrong gateway_ip is set.

  Take the following example:

  administrator@13:35:25:~/code/neutron$ neutron subnet-create bojangles 10.0.0.0/24 --name=bojangles --allocation-pool start=10.0.0.3,end=10.0.0.250
  Created a new subnet:
  +-------------------+--------------------------------------------+
  | Field             | Value                                      |
  +-------------------+--------------------------------------------+
  | allocation_pools  | {"start": "10.0.0.3", "end": "10.0.0.250"} |
  | cidr              | 10.0.0.0/24                                |
  | dns_nameservers   |                                            |
  | enable_dhcp       | True                                       |
  | gateway_ip        | 10.0.0.1                                   |
  | host_routes       |                                            |
  | id                | 21c9a4b3-a1d0-402f-8e1e-b463236cc612       |
  | ip_version        | 4                                          |
  | ipv6_address_mode |                                            |
  | ipv6_ra_mode      |                                            |
  | name              | bojangles                                  |
  | network_id        | 3c6ca69c-7662-441e-abc3-7a104aa603a1       |
  | subnetpool_id     |                                            |
  | tenant_id         | de56db175c1d48b0bbe72f09a24a3b66           |
  +-------------------+--------------------------------------------+

  administrator@13:35:58:~/code/neutron$ neutron port-create bojangles --fixed-ip ip_address=10.0.0.2
  Created a new port:
  +-----------------------+--------------------------------------------------------------------------------------------------+
  | Field                 | Value                                                                                            |
  +-----------------------+--------------------------------------------------------------------------------------------------+
  | admin_state_up        | True                                                                                             |
  | allowed_address_pairs |                                                                                                  |
  | binding:host_id       |                                                                                                  |
  | binding:profile       | {}                                                                                               |
  | binding:vif_details   | {}                                                                                               |
  | binding:vif_type      | unbound                                                                                          |
  | binding:vnic_type     | normal                                                                                           |
  | device_id             |                                                                                                  |
  | device_owner          |                                                                                                  |
  | dns_assignment        | {"hostname": "host-10-0-0-2", "ip_address": "10.0.0.2", "fqdn": "host-10-0-0-2.openstacklocal."} |
  | dns_name              |                                                                                                  |
  | fixed_ips             | {"subnet_id": "21c9a4b3-a1d0-402f-8e1e-b463236cc612", "ip_address": "10.0.0.2"}                  |
  | id                    | 3cc9c4a0-1ea7-4353-a5e0-f112adf5fad8                                                             |
  | mac_address           | fa:16:3e:09:d2:29                                                                                |
  | name                  |                                                                                                  |
  | network_id            | 3c6ca69c-7662-441e-abc3-7a104aa603a1                                                             |
  | port_security_enabled | True                                                                                             |
  | security_groups       | fa5cdb36-85e1-4182-bd08-d2ad22b5eb5b                                                             |
  | status                | DOWN                                                                                             |
  | tenant_id             | de56db175c1d48b0bbe72f09a24a3b66                                                                 |
  +-----------------------+--------------------------------------------------------------------------------------------------+
  administrator@13:36:05:~/code/neutron$ neutron subnet-update bojangles --gateway_ip=10.0.0.2
  Updated subnet: bojangles
  administrator@13:36:14:~/code/neutron$ neutron subnet-update bojangles --gateway_ip=10.0.0.1
  Current gateway ip 10.0.0.2 already in use by port 3cc9c4a0-1ea7-4353-a5e0-f112adf5fad8. Unable to update.

  
  The subnet is now pinned to the 10.0.0.2 port so the user will have to destroy the port or update it's fixed IP before the subnet gateway can be changed. If the port belongs to an active VM, this is disruptive.

  The restriction should be loosened to only apply to router ports,
  which is what it was originally intended for
  (https://bugs.launchpad.net/neutron/+bug/1186322).

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1532004/+subscriptions


Follow ups