yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #56496
[Bug 1622938] Re: generating duplicate LLA iptables rules
Reviewed: https://review.openstack.org/369269
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=d1b9026729d085a9f986fb6c394a04b9aa5a87f6
Submitter: Jenkins
Branch: master
commit d1b9026729d085a9f986fb6c394a04b9aa5a87f6
Author: Kevin Benton <kevin@xxxxxxxxxx>
Date: Mon Sep 12 23:51:11 2016 -0700
Prevent duplicate LLA iptables rules
Check if lla,mac tuple is in pairs before appending
it again. Otherwise we end up generating duplicate
iptables rules.
Closes-Bug: #1622938
Change-Id: I43658a31f9853cbc94784f497193210990f769dd
** Changed in: neutron
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1622938
Title:
generating duplicate LLA iptables rules
Status in neutron:
Fix Released
Bug description:
Spotted in gate. Looks like we are generating duplicate iptables rules
for LLA v6 entries.
2016-09-13 08:10:15.769 13401 WARNING neutron.agent.linux.iptables_manager [req-4534b4a3-484e-4fc5-8b44-0e91d70feb88 - -] Duplicate iptables rule detected. This may indicate a bug in the the iptables rule generation code. Line: -A neutron-linuxbri-sa16bbb04-2 -s fe80::f816:3eff:fecd:f5b1/128 -m mac --mac-source FA:16:3E:CD:F5:B1 -m comment --comment "Allow traffic from defined IP/MAC pairs." -j RETURN
2016-09-13 08:10:41.844 13401 WARNING neutron.agent.linux.iptables_manager [req-4534b4a3-484e-4fc5-8b44-0e91d70feb88 - -] Duplicate iptables rule detected. This may indicate a bug in the the iptables rule generation code. Line: -A neutron-linuxbri-sd39667db-b -s fe80::f816:3eff:fe30:7756/128 -m mac --mac-source FA:16:3E:30:77:56 -m comment --comment "Allow traffic from defined IP/MAC pairs." -j RETURN
2016-09-13 08:10:41.844 13401 WARNING neutron.agent.linux.iptables_manager [req-4534b4a3-484e-4fc5-8b44-0e91d70feb88 - -] Duplicate iptables rule detected. This may indicate a bug in the the iptables rule generation code. Line: -A neutron-linuxbri-sa16bbb04-2 -s fe80::f816:3eff:fecd:f5b1/128 -m mac --mac-source FA:16:3E:CD:F5:B1 -m comment --comment "Allow traffic from defined IP/MAC pairs." -j RETURN
2016-09-13 08:10:55.708 13401 WARNING neutron.agent.linux.iptables_manager [req-4534b4a3-484e-4fc5-8b44-0e91d70feb88 - -] Duplicate iptables rule detected. This may indicate a bug in the the iptables rule generation code. Line: -A neutron-linuxbri-sd39667db-b -s fe80::f816:3eff:fe30:7756/128 -m mac --mac-source FA:16:3E:30:77:56 -m comment --comment "Allow traffic from defined IP/MAC pairs." -j RETURN
2016-09-13 08:10:55.708 13401 WARNING neutron.agent.linux.iptables_manager [req-4534b4a3-484e-4fc5-8b44-0e91d70feb88 - -] Duplicate iptables rule detected. This may indicate a bug in the the iptables rule generation code. Line: -A neutron-linuxbri-sa16bbb04-2 -s fe80::f816:3eff:fecd:f5b1/128 -m mac --mac-source FA:16:3E:CD:F5:B1 -m comment --comment "Allow traffic from defined IP/MAC pairs." -j RETURN
2016-09-13 08:10:55.798 13401 WARNING neutron.agent.linux.iptables_manager [req-4534b4a3-484e-4fc5-8b44-0e91d70feb88 - -] Duplicate iptables rule detected. This may indicate a bug in the the iptables rule generation code. Line: -A neutron-linuxbri-sd39667db-b -s fe80::f816:3eff:fe30:7756/128 -m mac --mac-source FA:16:3E:30:77:56 -m comment --comment "Allow traffic from defined IP/MAC pairs." -j RETURN
2016-09-13 08:10:55.798 13401 WARNING neutron.agent.linux.iptables_manager [req-4534b4a3-484e-4fc5-8b44-0e91d70feb88 - -] Duplicate iptables rule detected. This may indicate a bug in the the iptables rule generation code. Line: -A neutron-linuxbri-sa16bbb04-2 -s fe80::f816:3eff:fecd:f5b1/128 -m mac --mac-source FA:16:3E:CD:F5:B1 -m comment --comment "Allow traffic from defined IP/MAC pairs." -j RETURN
2016-09-13 08:10:59.713 13401 WARNING neutron.agent.linux.iptables_manager [req-4534b4a3-484e-4fc5-8b44-0e91d70feb88 - -] Duplicate iptables rule detected. This may indicate a bug in the the iptables rule generation code. Line: -A neutron-linuxbri-sd39667db-b -s fe80::f816:3eff:fe30:7756/128 -m mac --mac-source FA:16:3E:30:77:56 -m comment --comment "Allow traffic from defined IP/MAC pairs." -j RETURN
2016-09-13 08:10:59.713 13401 WARNING neutron.agent.linux.iptables_manager [req-4534b4a3-484e-4fc5-8b44-0e91d70feb88 - -] Duplicate iptables rule detected. This may indicate a bug in the the iptables rule generation code. Line: -A neutron-linuxbri-sa16bbb04-2 -s fe80::f816:3eff:fecd:f5b1/128 -m mac --mac-source FA:16:3E:CD:F5:B1 -m comment --comment "Allow traffic from defined IP/MAC pairs." -j RETURN
2016-09-13 08:11:03.825 13401 WARNING neutron.agent.linux.iptables_manager [req-4534b4a3-484e-4fc5-8b44-0e91d70feb88 - -] Duplicate iptables rule detected. This may indicate a bug in the the iptables rule generation code. Line: -A neutron-linuxbri-sd39667db-b -s fe80::f816:3eff:fe30:7756/128 -m mac --mac-source FA:16:3E:30:77:56 -m comment --comment "Allow traffic from defined IP/MAC pairs." -j RETURN
2016-09-13 08:11:03.825 13401 WARNING neutron.agent.linux.iptables_manager [req-4534b4a3-484e-4fc5-8b44-0e91d70feb88 - -] Duplicate iptables rule detected. This may indicate a bug in the the iptables rule generation code. Line: -A neutron-linuxbri-sa16bbb04-2 -s fe80::f816:3eff:fecd:f5b1/128 -m mac --mac-source FA:16:3E:CD:F5:B1 -m comment --comment "Allow traffic from defined IP/MAC pairs." -j RETURN
2016-09-13 08:11:09.679 13401 WARNING neutron.agent.linux.iptables_manager [req-4534b4a3-484e-4fc5-8b44-0e91d70feb88 - -] Duplicate iptables rule detected. This may indicate a bug in the the iptables rule generation code. Line: -A neutron-linuxbri-sa16bbb04-2 -s fe80::f816:3eff:fecd:f5b1/128 -m mac --mac-source FA:16:3E:CD:F5:B1 -m comment --comment "Allow traffic from defined IP/MAC pairs." -j RETURN
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1622938/+subscriptions
References
