← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #93296

[Bug 2049546] [NEW] neutron-linuxbridge-agent ebtables RULE_DELETE failed (Invalid argument)

  Thread PreviousDate PreviousThread Next 
Public bug reported:

neutron-linuxbridge-agent fails and gets stuck when cleaning up ARP
protection rules:

     neutron-linuxbridge-agent[3049824]: Exit code: 4; Cmd: ['ebtables',
'-t', 'nat', '--concurrent', '-D', 'neutronMAC-tap50f1af99-28', '-i',
'tap50f1af99-28', '--among-src', 'fa:16:3e:ba:10:2a', '-j', 'RETURN'];
Stdin: ; Stdout: ; Stderr: ebtables v1.8.7 (nf_tables):  RULE_DELETE
failed (Invalid argument): rule in chain neutronMAC-tap50f1af99-28

Afterward, it stops responding to RPC messages and nova-compute times
out waiting for vif-plugged events.

Version:

  * OpenStack Zed from Ubuntu cloud archive
  * Ubuntu 22.04 LTS
  * 5.15.0-91-generic #101-Ubuntu
  * Deployed via Ubuntu cloud archive packages

Context:

The document
https://github.com/openstack/neutron/blob/stable/zed/doc/source/admin/deploy-
lb.rst mentions some resolved issues with ebtables based on nftables,
and the scenarios from the linked bug reports do work. The issue here
appears to only happens when removing ARP spoofing rules. We have a few
compute hosts with a high churn, many instances created and deleted. On
these, neutron-linuxbridge-agent works visibly fine until it becomes too
stuck.

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2049546

Title:
  neutron-linuxbridge-agent ebtables RULE_DELETE failed (Invalid
  argument)

Status in neutron:
  New

Bug description:
  neutron-linuxbridge-agent fails and gets stuck when cleaning up ARP
  protection rules:

       neutron-linuxbridge-agent[3049824]: Exit code: 4; Cmd:
  ['ebtables', '-t', 'nat', '--concurrent', '-D', 'neutronMAC-
  tap50f1af99-28', '-i', 'tap50f1af99-28', '--among-src',
  'fa:16:3e:ba:10:2a', '-j', 'RETURN']; Stdin: ; Stdout: ; Stderr:
  ebtables v1.8.7 (nf_tables):  RULE_DELETE failed (Invalid argument):
  rule in chain neutronMAC-tap50f1af99-28

  Afterward, it stops responding to RPC messages and nova-compute times
  out waiting for vif-plugged events.

  Version:

    * OpenStack Zed from Ubuntu cloud archive
    * Ubuntu 22.04 LTS
    * 5.15.0-91-generic #101-Ubuntu
    * Deployed via Ubuntu cloud archive packages

  Context:

  The document
  https://github.com/openstack/neutron/blob/stable/zed/doc/source/admin/deploy-
  lb.rst mentions some resolved issues with ebtables based on nftables,
  and the scenarios from the linked bug reports do work. The issue here
  appears to only happens when removing ARP spoofing rules. We have a
  few compute hosts with a high churn, many instances created and
  deleted. On these, neutron-linuxbridge-agent works visibly fine until
  it becomes too stuck.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2049546/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next