← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #74301

[Bug 1786408] Re: IPsec shutdown and re-up the external-interface , routing missing

  Thread PreviousDate PreviousThread Next 
Thks,all.I think this is resolved.

** Changed in: neutron
       Status: Incomplete => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1786408

Title:
  IPsec shutdown and re-up the external-interface ,routing missing

Status in neutron:
  Invalid

Bug description:
  [openstack version kilo]
  lan1 192.168.252.0/24
     |
     |  192.168.252.1
     |  172.77.3.39 floatingip
   qrouter
     |  172.88.1.39
     |
     |
  internet
     |
     |
     |  172.88.1.38
   qrouter
     |  172.77.3.38 floatingip
     |  192.168.253.1
     |
    lan2 192.168.253.0/24
  After setting up ipsec-tunnel successfully,lan1 can ping lan2.Then shut down qrouter external gateway v-interface and re-up,ipsec-site-connection keep alive and ipsec whack checking is normal,but lan1 can't ping lan2 this time.Using 'ip netns exec route -n' to check,some important routing entry missing leading communication-failure,just like the below sample.Although the defaulting-routing entry exists,communication is failed:
  [before re-uping]
  Kernel IP routing table
  Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
  0.0.0.0         172.88.1.254    0.0.0.0         UG    0      0        0 qg-8889b596-a5
  172.77.3.0      0.0.0.0         255.255.255.0   U     0      0        0 qg-8889b596-a5
  172.77.3.38     0.0.0.0         255.255.255.255 UH    0      0        0 *
  172.88.1.0      0.0.0.0         255.255.255.0   U     0      0        0 qg-8889b596-a5
  192.168.252.0   172.88.1.254    255.255.255.0   UG    0      0        0 qg-8889b596-a5 ⭐-->will missing
  192.168.253.0   0.0.0.0         255.255.255.0   U     0      0        0 qr-799ac9c5-58

  [after re-uping]
  Kernel IP routing table
  Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
  0.0.0.0         172.88.1.254    0.0.0.0         UG    0      0        0 qg-8889b596-a5
  172.77.3.0      0.0.0.0         255.255.255.0   U     0      0        0 qg-8889b596-a5
  172.77.3.38     0.0.0.0         255.255.255.255 UH    0      0        0 *
  172.88.1.0      0.0.0.0         255.255.255.0   U     0      0        0 qg-8889b596-a5
  192.168.253.0   0.0.0.0         255.255.255.0   U     0      0        0 qr-799ac9c5-58

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1786408/+subscriptions

References

  Thread PreviousDate PreviousThread Next