← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #83808

[Bug 1894843] [NEW] [dvr_snat] Router update deletes rfp interface from qrouter even when VM port is present on this host

  Thread PreviousDate PreviousThread Next 
Public bug reported:

Hello,

In the case of dvr_snat l3 agents are deployed on hypervisors there can
be race condition. The agent creates snat namespaces on each scheduled
host and removes them at second step. At this second step agent removes
the rfp interface from qrouter even when there is VM with floating IP on
the host.

When VM is deployed at the time of second step we can lost external
access to VMs floating IP. The issue can be reproduced by hand:

1. Create tenant network and router with external gateway
2. Create VM with floating ip
3. Ensure that VM on the hypervisor without snat-* namespace
4. Set the router to disabled state (openstack router set --disable <router>)
5. Set the router to enabled state (openstack router set --enabled <router>)
6. The external access to VMs FIP have lost because L3 agent creates the qrouter namespace without rfp interface.


Environment:

1. Neutron with ML2 OVS plugin.
2. L3 agents in dvr_snat mode on each hypervisor
3. openstack-neutron-common-15.1.1-0.20200611111910.7d97420.el8ost.noarch

** Affects: neutron
     Importance: Undecided
         Status: New

** Summary changed:

- [dvr_snat] Router update deletes rfp interface from qrouter event when VM port is present on this host
+ [dvr_snat] Router update deletes rfp interface from qrouter even when VM port is present on this host

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1894843

Title:
  [dvr_snat] Router update deletes rfp interface from qrouter even when
  VM port is present on this host

Status in neutron:
  New

Bug description:
  Hello,

  In the case of dvr_snat l3 agents are deployed on hypervisors there
  can be race condition. The agent creates snat namespaces on each
  scheduled host and removes them at second step. At this second step
  agent removes the rfp interface from qrouter even when there is VM
  with floating IP on the host.

  When VM is deployed at the time of second step we can lost external
  access to VMs floating IP. The issue can be reproduced by hand:

  1. Create tenant network and router with external gateway
  2. Create VM with floating ip
  3. Ensure that VM on the hypervisor without snat-* namespace
  4. Set the router to disabled state (openstack router set --disable <router>)
  5. Set the router to enabled state (openstack router set --enabled <router>)
  6. The external access to VMs FIP have lost because L3 agent creates the qrouter namespace without rfp interface.

  
  Environment:

  1. Neutron with ML2 OVS plugin.
  2. L3 agents in dvr_snat mode on each hypervisor
  3. openstack-neutron-common-15.1.1-0.20200611111910.7d97420.el8ost.noarch

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1894843/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next