yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1933092] Re: snat arp entry missing in qrouter namespace

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Hemanth Nakkina <1933092@xxxxxxxxxxxxxxxxxx>
Date: Wed, 07 Jul 2021 03:22:19 -0000
Reply-to: Bug 1933092 <1933092@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Also affects: neutron (Ubuntu)
   Importance: Undecided
       Status: New

** Also affects: neutron (Ubuntu Focal)
   Importance: Undecided
       Status: New

** Also affects: neutron (Ubuntu Hirsute)
   Importance: Undecided
       Status: New

** Also affects: neutron (Ubuntu Groovy)
   Importance: Undecided
       Status: New

** Also affects: neutron (Ubuntu Impish)
   Importance: Undecided
       Status: New

** Also affects: cloud-archive
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/victoria
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/ussuri
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/xena
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/wallaby
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1933092

Title:
  snat arp entry missing in qrouter namespace

Status in Ubuntu Cloud Archive:
  New
Status in Ubuntu Cloud Archive ussuri series:
  New
Status in Ubuntu Cloud Archive victoria series:
  New
Status in Ubuntu Cloud Archive wallaby series:
  New
Status in Ubuntu Cloud Archive xena series:
  New
Status in neutron:
  Fix Released
Status in neutron package in Ubuntu:
  New
Status in neutron source package in Focal:
  New
Status in neutron source package in Groovy:
  New
Status in neutron source package in Hirsute:
  New
Status in neutron source package in Impish:
  New

Bug description:
  In one of the cloud environment, the FIP attached to the Octavia
  Loadbalancer VIP is not reachable. After analysis, we found the ARP
  entry for SNAT IP is missing in the qrouter namespace where Amphora VM
  is running. And so the return packets are not forwarded from qrouter
  to snat on active l3-agent node.

  Version:
  Ubuntu Ussuri packages (16.3.2 point release)
  DVR+SNAT+L3HA enabled

  Expectation is to have PERMANENT arp entry for snat ip on qrouter namespace on all compute nodes
  192.168.33.238 dev qr-4ee692e0-7a lladdr fa:16:3e:25:6a:73 used 38/38/38 probes 0 PERMANENT

  How to reproduce:

  Attaching a script to simulate the problem (without octavia) with following steps
  1. network/subnet/router is created, network attached to router
  2. verify if qrouter on all compute nodes has arp entries related to snat ip
  3. if arp entries exists, delete network/subnet/router
  4. Repeat steps 1,2,3 until missing arp entry is observed.

  I am able to reproduce missing arp entry sometimes in 3rd loop and
  sometimes in 6th loop.

  Observed arp entries for snat ip is updated at the following places
  [1] [2] but get_snat_interfaces() and get_ports_by_subnet() are not
  updated with snat ip in non-working cases.

  [1] https://opendev.org/openstack/neutron/src/commit/dfd04115b059c2263cdd8ac44ccc2ec47614bcc3/neutron/agent/l3/dvr_local_router.py#L570
  [2] https://opendev.org/openstack/neutron/src/commit/dfd04115b059c2263cdd8ac44ccc2ec47614bcc3/neutron/agent/l3/dvr_local_router.py#L317

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1933092/+subscriptions

References

[Bug 1933092] [NEW] snat arp entry missing in qrouter namespace
From: Hemanth Nakkina, 2021-06-21