yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1611964] [NEW] SNAT redirect rules should be removed only on Gateway clear.

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Swaminathan Vasudevan <swaminathan.vasudevan@xxxxxx>
Date: Wed, 10 Aug 2016 21:01:34 -0000
Reply-to: Bug 1611964 <1611964@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

SNAT redirect rules should be removed only on Gateway clear and not for a gateway move or gateway reschedule.
This would cause the snat_node unreachable by the dvr service ports on the originating node.

How to reproduce it.

1. Create a two network node setup (dvr_snat)
2. Create a network
3. Create a subnet
4. Create a router and attach the subnet to the router.
5. Set gateway to the router.
6. Now try to reschedule the router to the secondary node or do a manaul move to a second node.
7. In this case the 'external_gateway_removed" is called through 'external_gateway_updated' function and tries to call snat_redirect_remove.

8. After you move the snat, the router namespace will not have the routing rule for the 'csnat' port.
9. It clears up and you only see the base rules.

Expected:
root@ubuntu-ctlr:~/devstack# ip rule
0:	from all lookup local 
32766:	from all lookup main 
32767:	from all lookup default 
167772161:	from 10.0.0.1/24 lookup 167772161 
root@ubuntu-ctlr:~/devstack# ip route s t 167772161
default via 10.0.0.9 dev qr-18deeb39-3b 

But Actual:
root@ubuntu-ctlr:~/devstack# ip rule
0:	from all lookup local 
32766:	from all lookup main 
32767:	from all lookup default

** Affects: neutron
     Importance: Undecided
         Status: New


** Tags: l3-dvr-backlog

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1611964

Title:
  SNAT redirect rules should be removed only on Gateway clear.

Status in neutron:
  New

Bug description:
  SNAT redirect rules should be removed only on Gateway clear and not for a gateway move or gateway reschedule.
  This would cause the snat_node unreachable by the dvr service ports on the originating node.

  How to reproduce it.

  1. Create a two network node setup (dvr_snat)
  2. Create a network
  3. Create a subnet
  4. Create a router and attach the subnet to the router.
  5. Set gateway to the router.
  6. Now try to reschedule the router to the secondary node or do a manaul move to a second node.
  7. In this case the 'external_gateway_removed" is called through 'external_gateway_updated' function and tries to call snat_redirect_remove.

  8. After you move the snat, the router namespace will not have the routing rule for the 'csnat' port.
  9. It clears up and you only see the base rules.

  Expected:
  root@ubuntu-ctlr:~/devstack# ip rule
  0:	from all lookup local 
  32766:	from all lookup main 
  32767:	from all lookup default 
  167772161:	from 10.0.0.1/24 lookup 167772161 
  root@ubuntu-ctlr:~/devstack# ip route s t 167772161
  default via 10.0.0.9 dev qr-18deeb39-3b 

  But Actual:
  root@ubuntu-ctlr:~/devstack# ip rule
  0:	from all lookup local 
  32766:	from all lookup main 
  32767:	from all lookup default

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1611964/+subscriptions

Follow ups

[Bug 1611964] Re: SNAT redirect rules should be removed only on Gateway clear.
From: OpenStack Infra, 2016-08-31