neutron

dnsmasq returns its own IP as gateway

Bug #1170793 reported by dan wendlandt
20
This bug affects 3 people
Affects Status Importance Assigned to Milestone
neutron
Fix Released
Medium
Armando Migliaccio
neutron 2013.2 "havana"
Grizzly
Fix Released
Medium
Gary Kotton
neutron 2013.1.2

Bug Description

I'm getting a weird behaviour. When I run a VM, it gets the address of DHCP server (dnsmasq) as the default gateway !!!!
My install is as follow :
  - two physical nodes, each with two NICs (one for management network, and the other for Data network (VMs) )
  - OS : CentOS 6.4
  - L2 plugin : Linuxbridge
  - namespaces=False
  - dhcp-agent is running on the controller node (all openstack services : nova, glance, cinder, quantum-server, ...)
  - l3-agent is runnig on the compute node
Because of the misconfigured gateway, I can't access to my VMs using floating IPs, till I change the default gateway myself(I can access the VMs using their fixed IPs)
any idea what's wrong?
if you need any additional information, you can ask.
thanks in advance

Tags: l3-ipam-dhcp
Revision history for this message
dan wendlandt (danwent) wrote :

yeah, i've seen this before.

My understand is that this happens on redhat/centos versions that have a version of dnsmasq that is older than what quantum is expecting. basically, the config we push to dnsmasq is not interpreted correctly, meaning dnsmasq does its default behavior of using its own IP as the gateway. i'll convert this to a bug, as we should either check the dnsmasq version and push the right config, or document the version requirements around dnsmasq better.

Revision history for this message
Anas ASO (aso-anas) wrote :

Here is a work around. You can install a newer version and the problem will be solved.
This is the version I installed to solve this problem : Dnsmasq version 2.65 Copyright (c) 2000-2012 Simon Kelley
http://www.mediafire.com/download.php?djqxz6lqa21hid6

But I still think that this bug need to be fixed, because I think RPM based distributions don't update frequently their packages base till there is a bug fixe or a security issue in the packages.

Changed in quantum:
status: New → Confirmed
Revision history for this message
Mark McClain (markmcclain) wrote :

We currently document the dnsmasq minimum version here:

http://docs.openstack.org/trunk/openstack-network/admin/content/ch_install.html

I know it is not the most obvious place. Where else should we advertise this to make it easier to reference when deploying?

We cannot support older versions because there are other bugs pre 2.59 that will cause operational issues.

tags: added: l3-ipam-dhcp
Revision history for this message
Anas ASO (aso-anas) wrote :

dnsmasq is used by quantum-dhcp-agent, I guess advertising the required version should be here :

http://docs.openstack.org/trunk/openstack-network/admin/content/fedora_q_dhcp.html

I chose to put it in the fedora section, because nobody is complaining about this problem in Ubuntu. So, my guess is the available version of dnsmasq in Ubuntu fulfill its duty.

Revision history for this message
yong sheng gong (gongysh) wrote :

how about adding the dnsmasq version requirement into http://docs.openstack.org/trunk/openstack-network/admin/content/ch_limitations.html?

Armando Migliaccio (armando-migliaccio)
Changed in quantum:
assignee: nobody → Armando Migliaccio (armando-migliaccio)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to quantum (master)

Fix proposed to branch: master
Review: https://review.openstack.org/28489

Changed in quantum:
status: Confirmed → In Progress
Revision history for this message
Anas ASO (aso-anas) wrote :

I want to add that older versions of dnsmasq not support "dhcp_release", so the option "force_dhcp_release", in nova.conf, has no effect on releasing unused fixed IPs.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to quantum (master)

Reviewed: https://review.openstack.org/28489
Committed: http://github.com/openstack/quantum/commit/364032897293256436647cb89c61a3dffb408946
Submitter: Jenkins
Branch: master

commit 364032897293256436647cb89c61a3dffb408946
Author: armando-migliaccio <email address hidden>
Date: Tue May 7 17:10:22 2013 -0700

    Log a warning if dnsmasq version is below the minimum required

    It has been noted that older versions of dnsmasq may have unexpected
    behavior, so this patch introduces a check on dnsmasq version; if
    the minimum version is not met, a warning is logged. This is less
    invasive than raising an Exception and abort the dhcp agent, even
    though this also seems like a perfectly acceptable behavior.

    Fixes bug 1170793

    Change-Id: Idd91c3753fb05f223ed0e3c53ad692ee65ea4905

Changed in quantum:
status: In Progress → Fix Committed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to quantum (master)

Fix proposed to branch: master
Review: https://review.openstack.org/29083

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to quantum (master)

Reviewed: https://review.openstack.org/29083
Committed: http://github.com/openstack/quantum/commit/6012b7e97c361a90d88a573d3c6a9f33e03f4281
Submitter: Jenkins
Branch: master

commit 6012b7e97c361a90d88a573d3c6a9f33e03f4281
Author: Gary Kotton <email address hidden>
Date: Tue May 14 13:20:44 2013 +0000

    Add support for dnsmasq version 2.48

    Following the bug fix for bug 1170793 we are able to add
    in support for dnsmasq versions that do not support tags.

    2.48 is the version shipped in RHEL 6.4

    Change-Id: Ia7d2b1c0adb477159ce146bcd4323d4b2795bff5

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to quantum (stable/grizzly)

Fix proposed to branch: stable/grizzly
Review: https://review.openstack.org/29628

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: stable/grizzly
Review: https://review.openstack.org/29630

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: stable/grizzly
Review: https://review.openstack.org/29631

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to quantum (stable/grizzly)

Reviewed: https://review.openstack.org/29631
Committed: http://github.com/openstack/quantum/commit/120c166a4f483d5e52d4178ba155eee01c22769a
Submitter: Jenkins
Branch: stable/grizzly

commit 120c166a4f483d5e52d4178ba155eee01c22769a
Author: armando-migliaccio <email address hidden>
Date: Tue May 7 17:10:22 2013 -0700

    Log a warning if dnsmasq version is below the minimum required

    It has been noted that older versions of dnsmasq may have unexpected
    behavior, so this patch introduces a check on dnsmasq version; if
    the minimum version is not met, a warning is logged. This is less
    invasive than raising an Exception and abort the dhcp agent, even
    though this also seems like a perfectly acceptable behavior.

    Fixes bug 1170793

    (cherry picked from commit 364032897293256436647cb89c61a3dffb408946)

    Aforementioned cherry-pick has sudo issues hence the additional one
    (cherry picked from commit 91b56e41eecf2cd8b4c848b4e773a1be307b40c3)

    Change-Id: I8475afc6bdd6145d2a491177af080fee960cb3e6

tags: added: in-stable-grizzly
Mark McClain (markmcclain)
Changed in quantum:
importance: Undecided → Medium
milestone: none → havana-1
Thierry Carrez (ttx)
Changed in quantum:
status: Fix Committed → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Reviewed: https://review.openstack.org/29630
Committed: http://github.com/openstack/quantum/commit/3339f96afefb569dde450888493aaa0307f0406e
Submitter: Jenkins
Branch: stable/grizzly

commit 3339f96afefb569dde450888493aaa0307f0406e
Author: Gary Kotton <email address hidden>
Date: Tue May 14 13:20:44 2013 +0000

    Add support for dnsmasq version 2.48

    Following the bug fix for bug 1170793 we are able to add
    in support for dnsmasq versions that do not support tags.

    2.48 is the version shipped in RHEL 6.4

    Change-Id: Ia7d2b1c0adb477159ce146bcd4323d4b2795bff5
    (cherry picked from commit 6012b7e97c361a90d88a573d3c6a9f33e03f4281)

Alan Pevec (apevec)
tags: removed: in-stable-grizzly
Thierry Carrez (ttx)
Changed in neutron:
milestone: havana-1 → 2013.2
Revision history for this message
Dan Kenigsberg (danken-z) wrote :

markmcclain, regarding "We cannot support older versions because there are other bugs pre 2.59 that will cause operational issues". Do we have a list of these known bugs?

This pages mentions two: no tag:/set: support (fixed), and no dhcp_release (still open). Are there more?

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.