Neutron fails to create external network gateway when gateway's IP in different subnet with br-ex
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Medium
|
Sreekumar S |
Bug Description
Hi guys,
I encountered a problem with neutron when trying to create external network with gateway in different subnet:
neutron subnet-create ext-net --name ext-subnet \
--allocation-pool start=46.
--disable-dhcp --gateway 176.31.105.254 46.105.252.0/24
The external network has gateway in different subnet: 46.105.252.216/24 and 176.31.105.254
I need something like this due to the router configuration in DC.
The problem is neutron show no error, and on dashboard, the ext-net also shows its gateway 176.31.105.254. However, packets are not routed because in IP routing table of the router, no default gateway entry is added:
sudo ip netns exec qrouter-
Destination Gateway Genmask Flags Metric Ref Use Iface
46.105.252.0 0.0.0.0 255.255.255.0 U 0 0 0 qg-0103d6fa-31
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 qr-343ab2cb-f5
I can work around by manually adding two line in routing table:
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 176.31.105.254 0.0.0.0 UG 0 0 0 qg-0103d6fa-31
46.105.252.0 0.0.0.0 255.255.255.0 U 0 0 0 qg-0103d6fa-31
176.31.105.254 0.0.0.0 255.255.255.255 UH 0 0 0 qg-0103d6fa-31
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 qr-343ab2cb-f5
Then it worked fine!
I believe this is a bug, due to adding gateway with different subnet in routing table will be rejected. In this case, we need to add this line first before adding gateway:
176.31.105.254 0.0.0.0 255.255.255.255 UH 0 0 0 qg-0103d6fa-31
So either we need to show users an error "not allow to add gateway in different subnet", or we should support adding gateway properly.
description: | updated |
tags: | added: l3-ipam-dhcp |
Changed in neutron: | |
importance: | Undecided → Medium |
Changed in neutron: | |
assignee: | nobody → Vishal Agarwal (vishala) |
Changed in neutron: | |
status: | In Progress → Confirmed |
assignee: | Vishal Agarwal (vishala) → nobody |
Changed in neutron: | |
assignee: | nobody → Sreekumar S (sreesiv) |
Changed in neutron: | |
milestone: | none → mitaka-3 |
Check out this patch: /review. openstack. org/#/c/ 92619/
https:/
neutron.conf has an option that validates that the gateway is in the subnet range. It's turned off by default and the patch above actually turns it on.