| 2015-03-31 17:43:16 |
Andrew Boik |
bug |
|
|
added bug |
| 2015-03-31 17:43:23 |
Andrew Boik |
neutron: assignee |
|
Andrew Boik (drewboik) |
|
| 2015-03-31 17:43:27 |
Andrew Boik |
neutron: status |
New |
In Progress |
|
| 2015-04-05 04:37:38 |
Edgar Magana |
neutron: importance |
Undecided |
Medium |
|
| 2015-04-10 13:47:15 |
Andrew Boik |
tags |
|
kilo-backport-potential kilo-rc-potential |
|
| 2015-04-10 13:47:40 |
Andrew Boik |
description |
We need to validate a router's gateway port during creation and update of a router gateway port by ensuring
it has no more than one v4 fixed IP and one v6 fixed IP. There is currently no check for this. |
Adding an IP address replaces the default route on a Neutron router. In Kilo, Neutron now automatically allocates an IP address for the WAN interface on Neutron routers when a subnet on the external network is created. Previously, there was a check to allow a maximum of one IP address on a Neutron router gateway port. This check, however, was removed, and this patch replaces that check and allows one IPv6 address in addition to the IPv4 address to support dual-stack.
The combination of the automatic update of a router gateway port upon creation of a subnet and the absence of a check on the number of fixed IPs causes a change in behavior to that of Neutron in the Juno release.
The critical issue is that creation of a subnet with a gateway IP on the external network replaces all default routes of Neutron routers on that network. This is not the behavior operators expect based on previous releases, and is most likely not the behavior they want - and as a result it could cause loss of internet connectivity to all tenants based on the network configuration.
We need to validate a router's gateway port during creation and update of a router gateway port by ensuring it has no more than one v4 fixed IP and one v6 fixed IP. |
|
| 2015-04-10 13:48:07 |
Andrew Boik |
description |
Adding an IP address replaces the default route on a Neutron router. In Kilo, Neutron now automatically allocates an IP address for the WAN interface on Neutron routers when a subnet on the external network is created. Previously, there was a check to allow a maximum of one IP address on a Neutron router gateway port. This check, however, was removed, and this patch replaces that check and allows one IPv6 address in addition to the IPv4 address to support dual-stack.
The combination of the automatic update of a router gateway port upon creation of a subnet and the absence of a check on the number of fixed IPs causes a change in behavior to that of Neutron in the Juno release.
The critical issue is that creation of a subnet with a gateway IP on the external network replaces all default routes of Neutron routers on that network. This is not the behavior operators expect based on previous releases, and is most likely not the behavior they want - and as a result it could cause loss of internet connectivity to all tenants based on the network configuration.
We need to validate a router's gateway port during creation and update of a router gateway port by ensuring it has no more than one v4 fixed IP and one v6 fixed IP. |
Adding an IP address replaces the default route on a Neutron router. In Kilo, Neutron now automatically allocates an IP address for the WAN interface on Neutron routers when a subnet on the external network is created. Previously, there was a check to allow a maximum of one IP address on a Neutron router gateway port. This check, however, was removed, and this patch replaces that check and allows one IPv6 address in addition to the IPv4 address to support dual-stack.
The combination of the automatic update of a router gateway port upon creation of a subnet and the absence of a check on the number of fixed IPs causes a change in behavior to that of Neutron in the Juno release.
The critical issue is that creation of a subnet with a gateway IP on the external network replaces all default routes of Neutron routers on that network. This is not the behavior operators expect based on previous releases, and is most likely not the behavior they want - and as a result it could cause loss of external connectivity to tenants based on the network configuration.
We need to validate a router's gateway port during creation and update of a router gateway port by ensuring it has no more than one v4 fixed IP and one v6 fixed IP. |
|
| 2015-04-10 13:48:58 |
Andrew Boik |
tags |
kilo-backport-potential kilo-rc-potential |
kilo-rc-potential |
|
| 2015-04-14 13:57:02 |
Kyle Mestery |
neutron: milestone |
|
liberty-1 |
|
| 2015-04-16 14:14:50 |
Andrew Boik |
tags |
kilo-rc-potential |
kilo-backport-potential kilo-rc-potential |
|
| 2015-04-28 19:47:06 |
Kyle Mestery |
neutron: importance |
Medium |
High |
|
| 2015-04-28 21:02:11 |
Carl Baldwin |
summary |
Validate number of addresses for router GW port |
Router gw gets address allocation from all new subnets |
|
| 2015-04-28 21:03:55 |
Carl Baldwin |
summary |
Router gw gets address allocation from all new subnets |
Router gets address allocation from all new gw subnets |
|
| 2015-04-28 21:11:04 |
Carl Baldwin |
description |
Adding an IP address replaces the default route on a Neutron router. In Kilo, Neutron now automatically allocates an IP address for the WAN interface on Neutron routers when a subnet on the external network is created. Previously, there was a check to allow a maximum of one IP address on a Neutron router gateway port. This check, however, was removed, and this patch replaces that check and allows one IPv6 address in addition to the IPv4 address to support dual-stack.
The combination of the automatic update of a router gateway port upon creation of a subnet and the absence of a check on the number of fixed IPs causes a change in behavior to that of Neutron in the Juno release.
The critical issue is that creation of a subnet with a gateway IP on the external network replaces all default routes of Neutron routers on that network. This is not the behavior operators expect based on previous releases, and is most likely not the behavior they want - and as a result it could cause loss of external connectivity to tenants based on the network configuration.
We need to validate a router's gateway port during creation and update of a router gateway port by ensuring it has no more than one v4 fixed IP and one v6 fixed IP. |
When a new subnet is created on an external network, all existing routers with gateways on the network will get a new address allocated from it. This could be pretty bad for IPv4 networks where the addresses are scarce and therefore valuable. In some cases, the entire new subnet could be consumed by router gateway ports alone.
Adding an IP address replaces the default route on a Neutron router. In Kilo, Neutron now automatically allocates an IP address for the WAN interface on Neutron routers when a subnet on the external network is created. Previously, there was a check to allow a maximum of one IP address on a Neutron router gateway port. This check, however, was removed, and this patch replaces that check and allows one IPv6 address in addition to the IPv4 address to support dual-stack.
The combination of the automatic update of a router gateway port upon creation of a subnet and the absence of a check on the number of fixed IPs causes a change in behavior to that of Neutron in the Juno release.
An issue is that creation of a subnet with a gateway IP on the external network replaces all default routes of Neutron routers on that network. This is not the behavior operators expect based on previous releases, and is most likely not the behavior they want - and as a result it could cause loss of external connectivity to tenants based on the network configuration.
We need to validate a router's gateway port during creation and update of a router gateway port by ensuring it has no more than one v4 fixed IP and one v6 fixed IP. |
|
| 2015-04-28 21:12:36 |
Carl Baldwin |
tags |
kilo-backport-potential kilo-rc-potential |
kilo-backport-potential kilo-rc-potential l3-ipam-dhcp |
|
| 2015-04-30 13:21:05 |
Thierry Carrez |
tags |
kilo-backport-potential kilo-rc-potential l3-ipam-dhcp |
kilo-backport-potential l3-ipam-dhcp |
|
| 2015-05-08 10:18:33 |
OpenStack Infra |
neutron: status |
In Progress |
Fix Committed |
|
| 2015-05-26 03:20:38 |
gustavo panizzo |
bug |
|
|
added subscriber gustavo panizzo |
| 2015-06-01 17:08:34 |
OpenStack Infra |
tags |
kilo-backport-potential l3-ipam-dhcp |
in-stable-kilo kilo-backport-potential l3-ipam-dhcp |
|
| 2015-06-24 20:12:48 |
Thierry Carrez |
neutron: status |
Fix Committed |
Fix Released |
|
| 2015-07-23 21:32:03 |
Alan Pevec |
nominated for series |
|
neutron/kilo |
|
| 2015-07-23 21:32:03 |
Alan Pevec |
bug task added |
|
neutron/kilo |
|
| 2015-10-15 12:14:30 |
Thierry Carrez |
neutron: milestone |
liberty-1 |
7.0.0 |
|
