yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #61236
[Bug 1645317] Re: FIP and router iptables are not updated when associated port ip address is changed
[Expired for neutron because there has been no activity for 60 days.]
** Changed in: neutron
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1645317
Title:
FIP and router iptables are not updated when associated port ip
address is changed
Status in neutron:
Expired
Bug description:
Newton,
[root@controller-0 ~]# rpm -qa | grep neutron
python-neutron-lib-0.4.0-1.el7ost.noarch
puppet-neutron-9.4.2-1.el7ost.noarch
python-neutron-9.1.0-6.el7ost.noarch
openstack-neutron-ml2-9.1.0-6.el7ost.noarch
openstack-neutron-bigswitch-agent-9.40.0-1.1.el7ost.noarch
openstack-neutron-openvswitch-9.1.0-6.el7ost.noarch
openstack-neutron-common-9.1.0-6.el7ost.noarch
openstack-neutron-9.1.0-6.el7ost.noarch
We have a VM with FIP associated to it.
[stack@undercloud-0 ~]$ nova list
+--------------------------------------+------+--------+------------+-------------+---------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------+--------+------------+-------------+---------------------------------+
| 1fe84939-5739-4723-8466-5b0e20e29650 | VM-1 | ACTIVE | - | Running | int_net=192.168.0.7, 10.0.0.211 |
+--------------------------------------+------+--------+------------+-------------+---------------------------------+
[stack@undercloud-0 ~]$ neutron floatingip-show a009ff12-279e-4be3-bb40-0a1cf8b6c2ea
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| created_at | 2016-11-28T12:02:27Z |
| description | |
| fixed_ip_address | 192.168.0.7 | <<<------------------------
| floating_ip_address | 10.0.0.211 |
| floating_network_id | 7e09c182-b829-4174-ba0b-5e90efc20f54 |
| id | a009ff12-279e-4be3-bb40-0a1cf8b6c2ea |
| port_id | 7d749eb0-633d-4114-b322-414d19f86046 |
| project_id | af788c6da1fb4388b09040aa99c997bc |
| revision_number | 4 |
| router_id | 9696bdb2-a5bd-4f92-a112-3f1f171e823c |
| status | ACTIVE |
| tenant_id | af788c6da1fb4388b09040aa99c997bc |
| updated_at | 2016-11-28T12:22:45Z |
+---------------------+--------------------------------------+
After updating the VMport:
openstack port set parent_port --fixed-ip subnet=0a0f0ac2-2bc6-423c-9197-7c3313438c2d,ip-address=192.168.0.55
openstack port unset parent_port --fixed-ip
subnet=0a0f0ac2-2bc6-423c-9197-7c3313438c2d,ip-address=192.168.0.7
The FIP remained the same and the IP was not changed from 192.168.0.7 to 192.168.0.55.
The connectivity to the VM was lost due to unchanged iptable rules on the router
[root@controller-0 ~]# ip net e qrouter-9696bdb2-a5bd-4f92-a112-3f1f171e823c iptables -t nat -L | grep 211
SNAT all -- 192.168.0.7 anywhere to:10.0.0.211 <<<-------------
We should have the iptables rule and FIP updated automatically.
Connectivity should not be lost.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1645317/+subscriptions
References
