← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #87251

[Bug 1945215] [NEW] "process_floating_ip_nat_rules_for_centralized_floatingip" should check if self.snat_iptables_manager was initialized

  Thread PreviousDate PreviousThread Next 
Public bug reported:

Environment:
L3 agent configuration: agent_mode=dvr_snat.
The L3 agent is located in a controller node, acting as a DVR edge router (no HA).

Description:
When "process_floating_ip_nat_rules_for_centralized_floatingip" is called, this method should check first if "self.snat_iptables_manager" has been initialized. The method "process_floating_ip_nat_rules_for_centralized_floatingip" is called from:
  <-- DvrEdgeRouter.process_floating_ip_nat_rules
  <-- RouterInfo.process_snat_dnat_for_fip
  <-- RouterInfo.process_external

The method "RouterInfo.process_external" will first call
"RouterInfo._process_external_gateway" -->
"DvrEdgeRouter.external_gateway_added" -->
"DvrEdgeRouter._create_dvr_gateway". This last method initializes the
SNAT iptables manager [1] (this code has been around unchanged six
years).

However "DvrEdgeRouter.external_gateway_added" is only called if
"ex_gw_port" exists. That means if the GW port does not exist, the SNAT
iptables manager is None.

Error example (snippet): https://paste.opendev.org/show/809621/

Steps to Reproduce:
(I'm not 100% sure, I still need to check) Create a FIP in a SNAT DVR router without GW port.

[1]https://github.com/openstack/neutron/blob/1d450dbddc8c3d34948ab3d9a8346dd491d9cc7c/neutron/agent/l3/dvr_edge_router.py#L196-L198

** Affects: neutron
     Importance: Undecided
     Assignee: Rodolfo Alonso (rodolfo-alonso-hernandez)
         Status: New

** Changed in: neutron
     Assignee: (unassigned) => Rodolfo Alonso (rodolfo-alonso-hernandez)

** Description changed:

  Environment:
  L3 agent configuration: agent_mode=dvr_snat.
  The L3 agent is located in a controller node, acting as a DVR edge router (no HA).
  
- 
  Description:
  When "process_floating_ip_nat_rules_for_centralized_floatingip" is called, this method should check first if "self.snat_iptables_manager" has been initialized. The method "process_floating_ip_nat_rules_for_centralized_floatingip" is called from:
-   <-- DvrEdgeRouter.process_floating_ip_nat_rules
-   <-- RouterInfo.process_snat_dnat_for_fip
-   <-- RouterInfo.process_external
-   
- The method "RouterInfo.process_external" will first call "RouterInfo._process_external_gateway" --> "DvrEdgeRouter.external_gateway_added" --> "DvrEdgeRouter._create_dvr_gateway". This last method initializes the SNAT iptables manager [1] (this code has been around unchanged six years).
+   <-- DvrEdgeRouter.process_floating_ip_nat_rules
+   <-- RouterInfo.process_snat_dnat_for_fip
+   <-- RouterInfo.process_external
+ 
+ The method "RouterInfo.process_external" will first call
+ "RouterInfo._process_external_gateway" -->
+ "DvrEdgeRouter.external_gateway_added" -->
+ "DvrEdgeRouter._create_dvr_gateway". This last method initializes the
+ SNAT iptables manager [1] (this code has been around unchanged six
+ years).
  
  However "DvrEdgeRouter.external_gateway_added" is only called if
  "ex_gw_port" exists. That means if the GW port does not exist, the SNAT
  iptables manager is None.
  
+ Error example (snippet): https://paste.opendev.org/show/809621/
  
  Steps to Reproduce:
  (I'm not 100% sure, I still need to check) Create a FIP in a SNAT DVR router without GW port.
  
- 
  [1]https://github.com/openstack/neutron/blob/1d450dbddc8c3d34948ab3d9a8346dd491d9cc7c/neutron/agent/l3/dvr_edge_router.py#L196-L198

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1945215

Title:
  "process_floating_ip_nat_rules_for_centralized_floatingip" should
  check if self.snat_iptables_manager was initialized

Status in neutron:
  New

Bug description:
  Environment:
  L3 agent configuration: agent_mode=dvr_snat.
  The L3 agent is located in a controller node, acting as a DVR edge router (no HA).

  Description:
  When "process_floating_ip_nat_rules_for_centralized_floatingip" is called, this method should check first if "self.snat_iptables_manager" has been initialized. The method "process_floating_ip_nat_rules_for_centralized_floatingip" is called from:
    <-- DvrEdgeRouter.process_floating_ip_nat_rules
    <-- RouterInfo.process_snat_dnat_for_fip
    <-- RouterInfo.process_external

  The method "RouterInfo.process_external" will first call
  "RouterInfo._process_external_gateway" -->
  "DvrEdgeRouter.external_gateway_added" -->
  "DvrEdgeRouter._create_dvr_gateway". This last method initializes the
  SNAT iptables manager [1] (this code has been around unchanged six
  years).

  However "DvrEdgeRouter.external_gateway_added" is only called if
  "ex_gw_port" exists. That means if the GW port does not exist, the
  SNAT iptables manager is None.

  Error example (snippet): https://paste.opendev.org/show/809621/

  Steps to Reproduce:
  (I'm not 100% sure, I still need to check) Create a FIP in a SNAT DVR router without GW port.

  [1]https://github.com/openstack/neutron/blob/1d450dbddc8c3d34948ab3d9a8346dd491d9cc7c/neutron/agent/l3/dvr_edge_router.py#L196-L198

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1945215/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next