yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1057558] Re: I can't add interface to router, if there is another port in non-shared network of other tenant

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Corey Bryant <corey.bryant@xxxxxxxxxxxxx>
Date: Fri, 05 Oct 2018 13:03:31 -0000
Reply-to: Bug 1057558 <1057558@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: quantum (Ubuntu Precise)
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1057558

Title:
  I can't add interface to router, if there is another port in non-
  shared network of other tenant

Status in neutron:
  Fix Released
Status in neutron folsom series:
  Fix Released
Status in quantum package in Ubuntu:
  Fix Released
Status in quantum source package in Precise:
  Won't Fix
Status in quantum source package in Quantal:
  Fix Released

Bug description:
  Hello, I  have a problem. I'm unable to add interface to router, if previously another interface was added, from network in other subnet. There is some confusing error message: 
  yar@os-controller:/opt/stack/quantum/quantum/db$ sudo quantum --os_username=demo --os_tenant_name=demo --os_password=bf1af2bd6a80158f7827 --os_auth_url=http://localhost:35357/v2.0 router-interface-add 08d76d1d-3aba-4b8e-a4e0-99ef420ac520 3e159530-1397-4a3f-b380-1f7c93eb7df0
  Subnet afb62abc-9fe1-46af-b90d-be9696c270e9 could not be found
  It's confusing, because I've trying to add interface with subnet 3e159530-1397-4a3f-b380-1f7c93eb7df0, but got error about subnet afb62abc-9fe1-46af-b90d-be9696c270e9.

  Stacktrace:
  2012-09-27 14:17:48    ERROR [quantum.api.v2.resource] add_router_interface failed
  Traceback (most recent call last):
    File "/opt/stack/quantum/quantum/api/v2/resource.py", line 95, in resource
      result = method(request=request, **args)
    File "/opt/stack/quantum/quantum/api/v2/base.py", line 154, in _handle_action
      return getattr(self._plugin, name)(request.context, id, body)
    File "/opt/stack/quantum/quantum/db/l3_db.py", line 318, in add_router_interface
      subnet['network_id'], subnet_id)
    File "/opt/stack/quantum/quantum/db/l3_db.py", line 264, in _check_for_dup_router_subnet
      cidr = self._get_subnet(context, ip['subnet_id'])['cidr']
    File "/opt/stack/quantum/quantum/db/db_base_plugin_v2.py", line 158, in _get_subnet
      raise q_exc.SubnetNotFound(subnet_id=id)
  SubnetNotFound: Subnet afb62abc-9fe1-46af-b90d-be9696c270e9 could not be found

  So, obviously, the problem was caused by subnet overlapping check,
  which iterates from all interface ports in this router, and get
  subnets from it. the main problem is that it try to do this with
  user's context, and subnets from other tenants was not found.

  BTW, this bug leads to information disclosure about other tenant's
  network ids.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1057558/+subscriptions