Fuel version info (9.0 mos #427): http://paste.openstack.org/show/508639/
During system startup (haproxy/vrouter namespaces) controller generates a lot of broadcast traffic (>100K pps), looks like incoming ARP requests/replies are promiscuously forwarded in management and public networks (see attached dump2 file). This leads to packet storm in network infra and in most cases switches shutdowns such ports (for example see bug #1589530):
Jun 7 20:07:10.351: %PM-4-ERR_DISABLE: storm-control error detected on Gi0/4, putting Gi0/4 in err-disable state
Jun 7 20:07:10.686: %STORM_CONTROL-3-SHUTDOWN: A packet storm was detected on Gi0/4. The interface has been disabled.
Jun 7 20:07:10.703: %SW_MATM-4-MACFLAP_NOTIF: Host b235.6fa0.7c50 in vlan 365 is flapping between port Gi0/4 and port Gi0/3
Jun 7 20:07:11.634: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/4, changed state to down
(NOTE: gi 0/3 is connected to eno1 on node-7, gi 0/4 - to eno2 on node-7; b235.6fa0.7c50 is a MAC of 'b_management' interface on node-7 in 'haproxy' NS)
Logs from node-7: http://paste.openstack.org/show/508768/
TCPdump statistics (for mirrored uplink port, 3 seconds between 20:07:09 and 20:07:11): http://paste.openstack.org/show/508769/
Steps to reproduce:
1. Enable storm control for ports which controller node is attached to, set 10% of 1Gb broadcast limit (or 100Mb/s)
2. Reboot controller node
Expected result: node is rebooted, no broadcast storm is detected
Actual result: node is rebooted, broadcast storm is detected, ports are disabled on the switch
Environment configuration:
3 controllers
3 computes
3 ceph-osd nodes
Diagnostic snapshot: https:/
Controller node that was rebooted: node-7