VM can't get IP without default egress rules on OVN
Bug #2028142 reported by
Trygve Vea
This bug report is a duplicate of:
Bug #1926515: DHCP for VM fails when removing security group default rules.
Edit
Remove
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| neutron |
Confirmed
|
Medium
|
Unassigned | ||
Bug Description
Confirmed on:
- RDO stable/2023.1 (antelope)
- Almalinux 9, kernel 5.14.0-
- Neutron 22.0.2 (RDO)
- OVN 22.12 (from CentOS SIG)
How to reproduce:
- Have a functioning instance which gets its IP address from DHCP
- Ensure that you have a user that can log in through console
- Remove default egress rules ("any" to 0.0.0.0/0)
- Reboot instance
- Watch instance not having IP
Workaround:
- Add a security group rule that allows egress udp 67:68 to 0.0.0.0/0 will ensure that the instance gets an IP.
See also: https:/
Revision history for this message
| Brian Haley (brian-haley) wrote | #1 |
| Changed in neutron: | |
| status: | New → Confirmed |
| importance: | Undecided → Medium |
| tags: | added: ovn |
Revision history for this message
| Rodolfo Alonso (rodolfo-alonso-hernandez) wrote | #2 |
To post a comment you must log in.
I can confirm the failure, from my test VM:
### ifconfig -a
eth0 Link encap:Ethernet HWaddr FA:16:3E:FF:E9:72
inet addr:169.254.69.35 Bcast:169.
inet6 addr: fe80::f816:
inet6 addr: fda3:8d6b:
UP BROADCAST RUNNING MULTICAST MTU:1442 Metric:1
RX packets:21 errors:0 dropped:0 overruns:0 frame:0
TX packets:66 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:2984 (2.9 KiB) TX bytes:4508 (4.4 KiB)
What is odd is that it is getting its IPv6 address.
I'll have to bug Ihar since he made a change for IPv6 that seemed similar,
https:/