Juniper Openstack

Gateway_less_FWD: Allocation pool per vrouter should be unique

  1. Series trunk
  2. Bug #1728542
Bug #1728542 reported by Chandra Sekhar Reddy Mallam
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Juniper Openstack
Status tracked in Trunk
R4.1
Fix Committed
High
Atul Moghe
Juniper Openstack r4.1.0.0-fcs "r4.1"
Trunk
Fix Committed
High
Atul Moghe
Juniper Openstack r5.0.0

Bug Description

Allocation pool per vrouter should be unique. Right now, same allocation pool set can be assigned to multiple vrouters, which is incorrect and config should not be allowed.

Steps
----
1. Create a flat-subnet IPAM (say 10.204.218.0/24), create a vrouter specific allocation pool (10.204.218.240-10.204.218.254)
2. Configure subnet and allocation pool on one virtual-router
3. Now, try configuring the same subnet and allocation pool on another virtual-router. This config is getting accepted, though allocation pool is same across 2 virtual-routers. This is incorrect.

Build Info
---------
4.1.0.0-27 Mitaka

Please see the log below:

>>> pprint(vars(ip_fab_ipam))
{'_display_name': u'ip_fabric_ipam',
 '_id_perms': permissions = owner = admin, owner_access = 7, group = admin, group_access = 7, other_access = 7, uuid = uuid_mslong = 4519756168981859302, uuid_lslong = 11763698350255004921, enable = True, created = 2017-10-30T04:41:09.257872, last_modified = 2017-10-30T04:41:55.404301, description = None, user_visible = True, creator = None,
 '_ipam_subnet_method': u'flat-subnet',
 '_ipam_subnets': subnets = [subnet = ip_prefix = 10.204.218.0, ip_prefix_len = 24, default_gateway = 10.204.218.1, dns_server_address = 10.204.218.2, subnet_uuid = 7ba01c7c-1389-4d42-ab58-a7c3563b3cae, enable_dhcp = True, dns_nameservers = [], allocation_pools = [start = 10.204.218.240, end = 10.204.218.255, vrouter_specific_pool = True], addr_from_start = True, dhcp_option_list = None, host_routes = None, subnet_name = 7ba01c7c-1389-4d42-ab58-a7c3563b3cae, alloc_unit = 1, created = None, last_modified = None],
 '_network_ipam_mgmt': ipam_method = None, ipam_dns_method = default-dns-server, ipam_dns_server = None, dhcp_option_list = None, cidr_block = None, host_routes = None,
 '_pending_field_list_updates': {},
 '_pending_field_map_updates': {},
 '_pending_field_updates': set([]),
 '_pending_ref_updates': set([]),
 '_perms2': owner = bd96af28cd1e4bd3b6739dbdf41dabb7, owner_access = 7, global_access = 0, share = [],
 '_server_conn': <vnc_api.vnc_api.VncApi object at 0x7fdc12e65710>,
 '_type': 'network-ipam',
 '_uuid': u'3eb96649-fb8b-4be6-a341-0d52a3cc5cf9',
 'fq_name': [u'default-domain', u'admin', u'ip_fabric_ipam'],
 'name': u'ip_fabric_ipam',
 'parent_type': u'project',
 'parent_uuid': u'bd96af28-cd1e-4bd3-b673-9dbdf41dabb7'}
>>>
>>> pprint(vars(vr_ipam_type))
{'allocation_pools': [start = 10.204.218.240, end = 10.204.218.255, vrouter_specific_pool = None],
 'subnet': [ip_prefix = 10.204.218.240, ip_prefix_len = 24]}
>>>
>>> nodec23_vr.set_network_ipam(ip_fab_ipam, vr_ipam_type)
>>> vnc_lib.virtual_router_update(nodec23_vr)
u'{"virtual-router": {"href": "http://10.204.217.127:8082/virtual-router/49383799-7568-4f3e-a00f-e3c205051e72", "uuid": "49383799-7568-4f3e-a00f-e3c205051e72"}}'
>>>
>>> nodek11_vr.set_network_ipam(ip_fab_ipam, vr_ipam_type)
>>> vnc_lib.virtual_router_update(nodek11_vr)
u'{"virtual-router": {"href": "http://10.204.217.127:8082/virtual-router/cc15ffd5-2008-4060-bc79-0dc3a3b3f6be", "uuid": "cc15ffd5-2008-4060-bc79-0dc3a3b3f6be"}}'
>>>
>>>

>>> pprint(vars(nodek11_vr))
{'_display_name': u'nodek11',
 '_id_perms': permissions = owner = cloud-admin, owner_access = 7, group = admin, group_access = 7, other_access = 7, uuid = uuid_mslong = 14705941449078751328, uuid_lslong = 13580901285228705470, enable = True, created = 2017-10-27T07:53:32.191127, last_modified = 2017-10-27T11:06:19.356666, description = None, user_visible = True, creator = None,
 '_original_network_ipam_refs': [{'attr': allocation_pools = [start = 10.204.218.150, end = 10.204.218.170, vrouter_specific_pool = None, start = 10.204.218.240, end = 10.204.218.255, vrouter_specific_pool = None, start = 10.204.218.240, end = 10.204.218.255, vrouter_specific_pool = None], subnet = [ip_prefix = 10.204.218.240, ip_prefix_len = 24],
                                  'to': [u'default-domain',
                                         u'admin',
                                         u'ip_fabric_ipam'],
                                  'uuid': u'3eb96649-fb8b-4be6-a341-0d52a3cc5cf9'}],
 '_pending_field_list_updates': {},
 '_pending_field_map_updates': {},
 '_pending_field_updates': set([]),
 '_pending_ref_updates': set([]),
 '_perms2': owner = cloud-admin, owner_access = 7, global_access = 0, share = [],
 '_server_conn': <vnc_api.vnc_api.VncApi object at 0x7fdc12e65710>,
 '_type': 'virtual-router',
 '_uuid': u'cc15ffd5-2008-4060-bc79-0dc3a3b3f6be',
 '_virtual_router_dpdk_enabled': False,
 '_virtual_router_ip_address': u'10.204.216.231',
 'fq_name': [u'default-global-system-config', u'nodek11'],
 'name': u'nodek11',
 'network_ipam_refs': [{'attr': allocation_pools = [start = 10.204.218.240, end = 10.204.218.255, vrouter_specific_pool = None], subnet = [ip_prefix = 10.204.218.240, ip_prefix_len = 24],
                        'to': [u'default-domain',
                               u'admin',
                               u'ip_fabric_ipam'],
                        'uuid': u'3eb96649-fb8b-4be6-a341-0d52a3cc5cf9'}],
 'parent_type': u'global-system-config',
 'parent_uuid': u'52bed2b0-d2cf-4353-9fd4-2f1c0919758b'}
>>> pprint(vars(nodec23_vr))
{'_display_name': u'nodec23',
 '_id_perms': permissions = owner = cloud-admin, owner_access = 7, group = admin, group_access = 7, other_access = 7, uuid = uuid_mslong = 5276028095703830334, uuid_lslong = 11533687593166511730, enable = True, created = 2017-10-27T07:53:32.873300, last_modified = 2017-10-27T07:53:32.873300, description = None, user_visible = True, creator = None,
 '_pending_field_list_updates': {},
 '_pending_field_map_updates': {},
 '_pending_field_updates': set([]),
 '_pending_ref_updates': set([]),
 '_perms2': owner = cloud-admin, owner_access = 7, global_access = 0, share = [],
 '_server_conn': <vnc_api.vnc_api.VncApi object at 0x7fdc12e65710>,
 '_type': 'virtual-router',
 '_uuid': u'49383799-7568-4f3e-a00f-e3c205051e72',
 '_virtual_router_dpdk_enabled': False,
 '_virtual_router_ip_address': u'10.204.217.8',
 'fq_name': [u'default-global-system-config', u'nodec23'],
 'name': u'nodec23',
 'network_ipam_refs': [{'attr': allocation_pools = [start = 10.204.218.240, end = 10.204.218.255, vrouter_specific_pool = None], subnet = [ip_prefix = 10.204.218.240, ip_prefix_len = 24],
                        'to': [u'default-domain',
                               u'admin',
                               u'ip_fabric_ipam'],
                        'uuid': u'3eb96649-fb8b-4be6-a341-0d52a3cc5cf9'}],
 'parent_type': u'global-system-config',
 'parent_uuid': u'52bed2b0-d2cf-4353-9fd4-2f1c0919758b'}
>>>

Tags: config
Chandra Sekhar Reddy Mallam (cmallam)
tags: added: config
removed: vrouter
Revision history for this message
Chandra Sekhar Reddy Mallam (cmallam) wrote :

---------
Compute 1
---------

>>> pprint(vars(nodek11_vr))
{'_display_name': u'nodek11',
 '_id_perms': permissions = owner = cloud-admin, owner_access = 7, group = admin, group_access = 7, other_access = 7, uuid = uuid_mslong = 14705941449078751328, uuid_lslong = 13580901285228705470, enable = True, created = 2017-10-27T07:53:32.191127, last_modified = 2017-10-30T08:48:23.794468, description = None, user_visible = True, creator = None,
 '_pending_field_list_updates': {},
 '_pending_field_map_updates': {},
 '_pending_field_updates': set([]),
 '_pending_ref_updates': set([]),
 '_perms2': owner = cloud-admin, owner_access = 7, global_access = 0, share = [],
 '_server_conn': <vnc_api.vnc_api.VncApi object at 0x7fa47e1a8710>,
 '_type': 'virtual-router',
 '_uuid': u'cc15ffd5-2008-4060-bc79-0dc3a3b3f6be',
 '_virtual_router_dpdk_enabled': False,
 '_virtual_router_ip_address': u'10.204.216.231',
 'fq_name': [u'default-global-system-config', u'nodek11'],
 'name': u'nodek11',
 'network_ipam_refs': [{'attr': allocation_pools = [start = 10.204.218.240, end = 10.204.218.255, vrouter_specific_pool = True], subnet = [ip_prefix = 10.204.218.240, ip_prefix_len = 28],
                        'to': [u'default-domain',
                               u'admin',
                               u'ip_fabric_ipam'],
                        'uuid': u'3eb96649-fb8b-4be6-a341-0d52a3cc5cf9'}],
 'parent_type': u'global-system-config',
 'parent_uuid': u'52bed2b0-d2cf-4353-9fd4-2f1c0919758b'}

---------
Compute 2
---------
>>> pprint(vars(nodec23_vr))
{'_display_name': u'nodec23',
 '_id_perms': permissions = owner = cloud-admin, owner_access = 7, group = admin, group_access = 7, other_access = 7, uuid = uuid_mslong = 5276028095703830334, uuid_lslong = 11533687593166511730, enable = True, created = 2017-10-27T07:53:32.873300, last_modified = 2017-10-30T08:48:03.503336, description = None, user_visible = True, creator = None,
 '_pending_field_list_updates': {},
 '_pending_field_map_updates': {},
 '_pending_field_updates': set([]),
 '_pending_ref_updates': set([]),
 '_perms2': owner = cloud-admin, owner_access = 7, global_access = 0, share = [],
 '_server_conn': <vnc_api.vnc_api.VncApi object at 0x7fa47e1a8710>,
 '_type': 'virtual-router',
 '_uuid': u'49383799-7568-4f3e-a00f-e3c205051e72',
 '_virtual_router_dpdk_enabled': False,
 '_virtual_router_ip_address': u'10.204.217.8',
 'fq_name': [u'default-global-system-config', u'nodec23'],
 'name': u'nodec23',
 'network_ipam_refs': [{'attr': allocation_pools = [start = 10.204.218.240, end = 10.204.218.255, vrouter_specific_pool = True], subnet = [ip_prefix = 10.204.218.240, ip_prefix_len = 28],
                        'to': [u'default-domain',
                               u'admin',
                               u'ip_fabric_ipam'],
                        'uuid': u'3eb96649-fb8b-4be6-a341-0d52a3cc5cf9'}],
 'parent_type': u'global-system-config',
 'parent_uuid': u'52bed2b0-d2cf-4353-9fd4-2f1c0919758b'}
>>>

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] R4.1

Review in progress for https://review.opencontrail.org/37116
Submitter: Atul Moghe (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] master

Review in progress for https://review.opencontrail.org/37123
Submitter: Atul Moghe (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] R4.1

Review in progress for https://review.opencontrail.org/37116
Submitter: Atul Moghe (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] master

Review in progress for https://review.opencontrail.org/37123
Submitter: Atul Moghe (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/37116
Committed: http://github.com/Juniper/contrail-controller/commit/597d70e29bc3ce65fce0a8701f0e25972754d459
Submitter: Zuul (<email address hidden>)
Branch: R4.1

commit 597d70e29bc3ce65fce0a8701f0e25972754d459
Author: Atul Moghe <email address hidden>
Date: Thu Nov 2 12:13:55 2017 -0700

This will check if allocation-pool is already added in another vrouter

if alloc-pool is already added in existing vrouter-ipam link, it is not
allowed to another vrouter on the same ipam
Closes-Bug: #1728542

Change-Id: Ic2fbe91626a76980f071153e251c5db54dca35db

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote :

Reviewed: https://review.opencontrail.org/37123
Committed: http://github.com/Juniper/contrail-controller/commit/e469cab233daae4d05dd3920723783c690b3bb91
Submitter: Zuul (<email address hidden>)
Branch: master

commit e469cab233daae4d05dd3920723783c690b3bb91
Author: Atul Moghe <email address hidden>
Date: Thu Nov 2 12:13:55 2017 -0700

This will check if allocation-pool is already added in another vrouter

if alloc-pool is already added in existing vrouter-ipam link, it is not
allowed to another vrouter on the same ipam
Closes-Bug: #1728542

Change-Id: Ic2fbe91626a76980f071153e251c5db54dca35db

Nischal Sheth (nsheth)
information type: Proprietary → Public
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.