neutron

neutron-linuxbridge-agent ebtables RULE_DELETE failed (Invalid argument)

Bug #2049546 reported by Jan Graichen
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
New
Undecided
Unassigned

Bug Description

neutron-linuxbridge-agent fails and gets stuck when cleaning up ARP protection rules:

     neutron-linuxbridge-agent[3049824]: Exit code: 4; Cmd: ['ebtables', '-t', 'nat', '--concurrent', '-D', 'neutronMAC-tap50f1af99-28', '-i', 'tap50f1af99-28', '--among-src', 'fa:16:3e:ba:10:2a', '-j', 'RETURN']; Stdin: ; Stdout: ; Stderr: ebtables v1.8.7 (nf_tables): RULE_DELETE failed (Invalid argument): rule in chain neutronMAC-tap50f1af99-28

Afterward, it stops responding to RPC messages and nova-compute times out waiting for vif-plugged events.

Version:

  * OpenStack Zed from Ubuntu cloud archive
  * Ubuntu 22.04 LTS
  * 5.15.0-91-generic #101-Ubuntu
  * Deployed via Ubuntu cloud archive packages

Context:

The document https://github.com/openstack/neutron/blob/stable/zed/doc/source/admin/deploy-lb.rst mentions some resolved issues with ebtables based on nftables, and the scenarios from the linked bug reports do work. The issue here appears to only happens when removing ARP spoofing rules. We have a few compute hosts with a high churn, many instances created and deleted. On these, neutron-linuxbridge-agent works visibly fine until it becomes too stuck.

Revision history for this message
Brian Haley (brian-haley) wrote :

This was fixed with https://review.opendev.org/c/openstack/neutron/+/898832 and is a duplicate of https://bugs.launchpad.net/neutron/+bug/2038541 - please try the fix there.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.