yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #93902
[Bug 2063463] [NEW] [ovn-octavia-provider] hairpin_snat_ip not set
Public bug reported:
At the moment, the OVN octavia provider does not set `hairpin_snat_ip`
out of the box which means that if a backend server is sending requests
to a load balancer which it is also a backend server of, it will get
that request where the source IP of the request is the floating IP of
the service.
The issue here is that there are two backend IPs, one floating and one
fixed and there is non-deterministic behaviour if `hairpin_snat_ip` is
not set.
We should ideally set `hairpin_snat_ip` to the internal IP so that it
always hairpins from that IP as opposed to many other IPs which will
make it easier to manage security groups as well.
** Affects: neutron
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2063463
Title:
[ovn-octavia-provider] hairpin_snat_ip not set
Status in neutron:
New
Bug description:
At the moment, the OVN octavia provider does not set `hairpin_snat_ip`
out of the box which means that if a backend server is sending
requests to a load balancer which it is also a backend server of, it
will get that request where the source IP of the request is the
floating IP of the service.
The issue here is that there are two backend IPs, one floating and one
fixed and there is non-deterministic behaviour if `hairpin_snat_ip` is
not set.
We should ideally set `hairpin_snat_ip` to the internal IP so that it
always hairpins from that IP as opposed to many other IPs which will
make it easier to manage security groups as well.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2063463/+subscriptions
