neutron

FIP ns created on network node for DVR

Bug #1723828 reported by sunzuohua
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
neutron
In Progress
Low
sunzuohua

Bug Description

I have a devstack with following configuration:
network nodes:
    /etc/neutron/l3_agent.ini
    [default]
    agent_mode = dvr_snat
compute nodes:
    /etc/neutron/l3_agent.ini
    [default]
    agent_mode = dvr_no_external

The reproduction steps
1.Launch VM and assign floating IP to it
2.Check namespace on network nodes.
3.You can see fip namespace on network nodes.

I guess the problem is that DvrLocalRouter is the inherited class of DvrEdgeRouter.
DvrLocalRouter will not create fip namespace only on nodes with "dvr_no_external" mode[1].
[1]https://github.com/openstack/neutron/blob/master/neutron/agent/l3/dvr_local_router.py#L569

Mybe DvrLocalRouter should not create fip namespace on nodes with "dvr_no_external" and "dvr_snat" mode.

Tags: dvr
sunzuohua (zuohuasun)
tags: added: dvr
Changed in neutron:
assignee: nobody → sunzuohua (zuohuasun)
Revision history for this message
Swaminathan Vasudevan (swaminathan-vasudevan) wrote :

This is as per design. The fip namespace gets created when gateway is enabled. This will be used for floating ip.created on an all in one node.

Revision history for this message
sunzuohua (zuohuasun) wrote :

But the fip namespace is not needed on an network only mode.
Before creating the fip namespace, checking the existing of floating ips for this node maybe can distinguish network only node and all in one node.

Revision history for this message
Brian Haley (brian-haley) wrote :

The fip namespace is needed for any centralized floating IPs, for example, floating IPs assigned to VMs on the dvr_no_external compute nodes. This is by design as Swami mentioned.

Revision history for this message
sunzuohua (zuohuasun) wrote :

In my opinion, the snat namespace is needed for any centralized floating IPs, not the fip namespace.
The fip namespace is needed on all in one node or dvr_no_external compute nodes.
Am I right?

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to neutron (master)

Related fix proposed to branch: master
Review: https://review.openstack.org/512937

Boden R (boden)
Changed in neutron:
status: New → Confirmed
importance: Undecided → Low
Revision history for this message
Brian Haley (brian-haley) wrote :

This can be closed as a duplicate of 1723891 right?

Revision history for this message
sunzuohua (zuohuasun) wrote :

This is not closed as duplicate of 1723891:
    Fip agent port is created for 1723891.
    Fip ns is created on network node for this.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/520261

Changed in neutron:
status: Confirmed → In Progress
Revision history for this message
Swaminathan Vasudevan (swaminathan-vasudevan) wrote :

Yes I agree that we can check on the fips host bound to create the fip namespace.
But it would be complex now, since we are creating fip namespaces based on the gateway and not on floatingIP anymore, since we are supporting the Fast path exit.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on neutron (master)

Change abandoned by "Rodolfo Alonso <email address hidden>" on branch: master
Review: https://review.opendev.org/c/openstack/neutron/+/520261

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.