yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #81773
[Bug 1865061] [NEW] When neutron does a switch-over between router 1 and router2, the router1 conntrack flows shoud be deleted
Public bug reported:
Originally reported for RHOSP-14 by Candido Campos.
Description of problem:
When neutron does a switch-over between router 1 and router2, the
contrack flows of router1 shoud be deleted
How reproducible:
Steps to Reproduce:
1. Deploy OpenStack with 3 controllers
2. Create a Network with a router and at least one vm
3. create a fip and assign it to the vm
4. ssh to vm fip: ssh -vvv cirros@X.X.X.X
5. In controller with active router: ip netns exec qrouter-XX ip link set ha-XXX down ; ip netns exec qrouter-XX ip link set ha-XXX up
7.Check that contrack flows are not deleted: docker exec -t -i -u root neutron_l3_agent ip netns exec qrouter-XXX conntrack -L
7. Again In controller with active router: ip netns exec qrouter-XX ip link set ha-XXX down ; ip netns exec qrouter-XX ip link set ha-XXX up
8.When router active switch back to the previous router ssh connection is broken.
Actual results:
conntrack flows are reused. SSh connection is broken.
Expected results:
contrack flows are recreated. ssh connection isn't broken.
The problem exists only if second failover will be done in short time,
before conntrack table on first controller will be cleared. So it's not
very serious problem for real L3HA deployments probably but it would be
nice to have it fixed.
** Affects: neutron
Importance: Low
Status: Confirmed
** Tags: l3-ha
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1865061
Title:
When neutron does a switch-over between router 1 and router2, the
router1 conntrack flows shoud be deleted
Status in neutron:
Confirmed
Bug description:
Originally reported for RHOSP-14 by Candido Campos.
Description of problem:
When neutron does a switch-over between router 1 and router2, the
contrack flows of router1 shoud be deleted
How reproducible:
Steps to Reproduce:
1. Deploy OpenStack with 3 controllers
2. Create a Network with a router and at least one vm
3. create a fip and assign it to the vm
4. ssh to vm fip: ssh -vvv cirros@X.X.X.X
5. In controller with active router: ip netns exec qrouter-XX ip link set ha-XXX down ; ip netns exec qrouter-XX ip link set ha-XXX up
7.Check that contrack flows are not deleted: docker exec -t -i -u root neutron_l3_agent ip netns exec qrouter-XXX conntrack -L
7. Again In controller with active router: ip netns exec qrouter-XX ip link set ha-XXX down ; ip netns exec qrouter-XX ip link set ha-XXX up
8.When router active switch back to the previous router ssh connection is broken.
Actual results:
conntrack flows are reused. SSh connection is broken.
Expected results:
contrack flows are recreated. ssh connection isn't broken.
The problem exists only if second failover will be done in short time,
before conntrack table on first controller will be cleared. So it's
not very serious problem for real L3HA deployments probably but it
would be nice to have it fixed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1865061/+subscriptions
