neutron

Invalid subnet cidr cause dhcp runtimerror

Bug #1471957 reported by Tristan Cacqueray
26
This bug affects 3 people
Affects Status Importance Assigned to Milestone
neutron
Fix Released
Low
Andrew Karpow

Bug Description

Trace:
ERROR neutron.agent.linux.utils [req-26ce0148-4bc4-40bd-96ac-e9d484f37b61 demo 12b3399d1cb64da488e20f6a7c355d10]
Command: ['sudo', '/usr/local/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qdhcp-6cdefebf-ab88-4f55-b2b9-719286a7b75b', 'ip', 'route', 'replace', 'default', 'via', '0.0.0.1', 'dev', 'tapb81e677c-8c']
Exit code: 2
Stdout: ''
Stderr: 'RTNETLINK answers: Network is unreachable\n'
ERROR neutron.agent.dhcp_agent [req-26ce0148-4bc4-40bd-96ac-e9d484f37b61 demo 12b3399d1cb64da488e20f6a7c355d10] Unable to enable dhcp for 6cdefebf-ab88-4f55-b2b9-719286a7b75b.
Traceback (most recent call last):
  File "/opt/stack/neutron/neutron/agent/dhcp_agent.py", line 128, in call_driver
    getattr(driver, action)(**action_kwargs)
  File "/opt/stack/neutron/neutron/agent/linux/dhcp.py", line 205, in enable
    interface_name = self.device_manager.setup(self.network)
  File "/opt/stack/neutron/neutron/agent/linux/dhcp.py", line 1056, in setup
    self._set_default_route(network, interface_name)
  File "/opt/stack/neutron/neutron/agent/linux/dhcp.py", line 928, in _set_default_route
    device.route.add_gateway(subnet.gateway_ip)
  File "/opt/stack/neutron/neutron/agent/linux/ip_lib.py", line 395, in add_gateway
    self._as_root(*args)
  File "/opt/stack/neutron/neutron/agent/linux/ip_lib.py", line 242, in _as_root
    kwargs.get('use_root_namespace', False))
  File "/opt/stack/neutron/neutron/agent/linux/ip_lib.py", line 74, in _as_root
    log_fail_as_error=self.log_fail_as_error)
  File "/opt/stack/neutron/neutron/agent/linux/ip_lib.py", line 86, in _execute
    log_fail_as_error=log_fail_as_error)
  File "/opt/stack/neutron/neutron/agent/linux/utils.py", line 84, in execute
    raise RuntimeError(m)
TRACE neutron.agent.dhcp_agent RuntimeError:
TRACE neutron.agent.dhcp_agent Command: ['sudo', '/usr/local/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qdhcp-6cdefebf-ab88-4f55-b2b9-719286a7b75b', 'ip', 'route', 'replace', 'default', 'vi
a', '0.0.0.1', 'dev', 'tapb81e677c-8c']
TRACE neutron.agent.dhcp_agent Exit code: 2
TRACE neutron.agent.dhcp_agent Stdout: ''
TRACE neutron.agent.dhcp_agent Stderr: 'RTNETLINK answers: Network is unreachable\n'
TRACE neutron.agent.dhcp_agent

Steps to reproduce:
NET_NAME=test-ip
neutron net-create ${NET_NAME}
neutron port-create ${NET_NAME}
neutron subnet-create ${NET_NAME} 0.0.0.0/8

Impact:
cause logs to grow more than necessary

Tags: l3-ipam-dhcp
zhaobo (zhaobo6)
Changed in neutron:
status: New → Confirmed
assignee: nobody → zhaobo (zhaobo6)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/201942

Changed in neutron:
status: Confirmed → In Progress
Ryan Moats (rmoats)
tags: added: l3-ipam-dhcp
Carl Baldwin (carl-baldwin)
Changed in neutron:
importance: Undecided → Low
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on neutron (master)

Change abandoned by ZhaoBo (<email address hidden>) on branch: master
Review: https://review.openstack.org/201942
Reason: As this bug is related with neutron-lib. So abandon this patch.

zhaobo (zhaobo6)
Changed in neutron:
assignee: zhaobo (zhaobo6) → nobody
Revision history for this message
Armando Migliaccio (armando-migliaccio) wrote :

This bug is > 180 days without activity. We are unsetting assignee and milestone and setting status to Incomplete in order to allow its expiry in 60 days.

If the bug is still valid, then update the bug status.

Changed in neutron:
status: In Progress → Incomplete
Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for neutron because there has been no activity for 60 days.]

Changed in neutron:
status: Incomplete → Expired
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/577463

Changed in neutron:
assignee: nobody → Andrew Karpow (andyonce)
status: Expired → In Progress
Revision history for this message
Lu lei (lei-lu) wrote :

hi, Andrew. Not only does 0.0.0.0 network cause this problem, all 0.x.x.x network will cause this problem.

OpenStack Infra (hudson-openstack)
Changed in neutron:
assignee: Andrew Karpow (andyonce) → Lu lei (lei-lu)
Revision history for this message
Hongbin Lu (hongbin.lu) wrote :

I tested it with 10.0.0.0/4 and it seems to have the same problem, so the problem is limited to 0.x.x.x

NET_NAME=test-ip
neutron net-create ${NET_NAME}
neutron subnet-create ${NET_NAME} 10.0.0.0/4

Revision history for this message
Hongbin Lu (hongbin.lu) wrote :

s/is *not* limited to/

OpenStack Infra (hudson-openstack)
Changed in neutron:
assignee: Lu lei (lei-lu) → Andrew Karpow (andyonce)
Revision history for this message
Brian Haley (brian-haley) wrote :

Hongbin - can you give some more info, like what was in the logs after that? That subnet is neither in the reserved nor private ranges (10.0.0.0/8 is), and I don't want to add more ranges to the validator if we don't need to.

Revision history for this message
Hongbin Lu (hongbin.lu) wrote :

Here is the error in DHCP logs after the subnet-create command: http://paste.openstack.org/show/727176/ . Looking into it.

Revision history for this message
Brian Haley (brian-haley) wrote :

That paste had the 0.0.0.1 IP:

['ip', 'netns', 'exec', 'qdhcp-804e5466-0aa1-4dd6-ad8f-9999616e9dfb', 'ip', '-4', 'route', 'replace', 'default', 'via', '0.0.0.1', 'dev', 'tap0d440b36-78']

I wonder how that happened with a 10.0.0.0/4 subnet?

Revision history for this message
Brian Haley (brian-haley) wrote :

But I can confirm I see the same error using 10.0.0.0/4 :(

Revision history for this message
Brian Haley (brian-haley) wrote :

Eww, look at the subnet that was created:

$ neutron subnet-create test-ip 10.0.0.0/4
+-------------------+-----------------------------------------------+
| Field | Value |
 +-------------------+-----------------------------------------------+
| allocation_pools | {"start": "0.0.0.2", "end": "15.255.255.254"} |
| cidr | 0.0.0.0/4 |
| created_at | 2018-08-02T20:37:06Z |
| description | |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 0.0.0.1 |
| host_routes | |
| id | dd40e03e-9b61-442c-a61c-49e71854ac12 |
| ip_version | 4 |
 ...

Revision history for this message
Hongbin Lu (hongbin.lu) wrote :

Yes, it looks the created subnet should not fall into network '0.0.0.0/1' in order to guarantee that the gateway is not '0.0.0.1'

Revision history for this message
Brian Haley (brian-haley) wrote :

>>> import netaddr
>>> net = netaddr.IPNetwork('10.0.0.0/4')
>>> net.network
IPAddress('0.0.0.0')

When it calculates the mask and ands it with the passed network value that is what we get.

>>> net.first
0

^^ That might be a possible check that will break us.

Revision history for this message
Brian Haley (brian-haley) wrote :

s/break us/to not break us - i.e. easy to catch as an error

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/577463
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=c57fede20f0549e3e46cd4dff7d57b5ab39b0805
Submitter: Zuul
Branch: master

commit c57fede20f0549e3e46cd4dff7d57b5ab39b0805
Author: Andrew Karpow <email address hidden>
Date: Fri Jun 22 18:00:52 2018 +0200

    Disallow networks with first ip 0.0.0.0 with dhcp enabled

    fixes dhcp-agent errors due to establishing 0.0.0.1 as default gw

    Change-Id: I9e64b4597896ffde6a2f4caff81c64ca7738e402
    Closes-Bug: #1471957
    Signed-off-by: Andrew Karpow <email address hidden>

Changed in neutron:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/neutron 14.0.0.0b1

This issue was fixed in the openstack/neutron 14.0.0.0b1 development milestone.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.