← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #60179

[Bug 1653830] [NEW] Security group filters for all ports are refreshed on any DHCP port change

  Thread PreviousDate PreviousThread Next 
Public bug reported:

Whenever any change is made to a DHCP agent port, a refresh of all
security group filters for all ports on that network is triggered.  This
is unnecessary as all instance ports automatically get a blanket allow
rule for DHCP port numbers.  So changes to DHCP ports in no way require
updates to any filters.

For networks with a large number of ports, this also generates
significant load against neutron-server and the backend database.

Steps to reproduce:

- Network with some number of instance ports
- Add or remove a DHCP agent from that network (constitutes a change of DHCP ports)
- A refresh for all ports on that network is triggered

See:
https://github.com/openstack/neutron/blob/master/neutron/db/securitygroups_rpc_base.py#L138-L140

We experience this issue in Liberty, and it's still present in master.

** Affects: neutron
     Importance: Undecided
     Assignee: Mike Dorman (mdorman-m)
         Status: In Progress

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1653830

Title:
  Security group filters for all ports are refreshed on any DHCP port
  change

Status in neutron:
  In Progress

Bug description:
  Whenever any change is made to a DHCP agent port, a refresh of all
  security group filters for all ports on that network is triggered.
  This is unnecessary as all instance ports automatically get a blanket
  allow rule for DHCP port numbers.  So changes to DHCP ports in no way
  require updates to any filters.

  For networks with a large number of ports, this also generates
  significant load against neutron-server and the backend database.

  Steps to reproduce:

  - Network with some number of instance ports
  - Add or remove a DHCP agent from that network (constitutes a change of DHCP ports)
  - A refresh for all ports on that network is triggered

  See:
  https://github.com/openstack/neutron/blob/master/neutron/db/securitygroups_rpc_base.py#L138-L140

  We experience this issue in Liberty, and it's still present in master.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1653830/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next