Comment 47 for bug 1462154

Reviewed: https://review.openstack.org/349549
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=10532404b5f28ac9489bc300e1c9a94aa5ad86c0
Submitter: Jenkins
Branch: stable/mitaka

commit 10532404b5f28ac9489bc300e1c9a94aa5ad86c0
Author: Hong Hui Xiao <email address hidden>
Date: Mon Feb 29 11:07:15 2016 +0000

    DVR: Fix issue of SNAT rule for DVR with floating ip

    With current code, there are 2 issues.

    1) The prevent snat rule that is added for floating ip will be
    cleaned, when restarting the l3 agent. Without this rule, the fixed
    ip will be SNATed to floating ip, even if the network request is to
    an internal IP.

    2) The prevent snat rule will not be cleaned, even if the external
    device(rfp device) is deleted. So, when the floating ips are removed
    from DVR router, there are still dump rules in iptables. Restarting
    the l3 agent can clean these dump rules.

    The fix in this patch will handle DVR floating ip nat rules at the
    same step to handle nat rules for other routers(legacy router, dvr
    edge router)

    After the change in [1], the fip nat rules for external port have
    been extracted together into a method. Add all rules in that method
    in the same step can fix the issue of ping floating ip, but reply
    with fixed ip.

    [1] https://review.openstack.org/#/c/286392/

    Conflicts:
        neutron/agent/l3/dvr_fip_ns.py
        neutron/tests/functional/agent/l3/test_dvr_router.py

    Change-Id: I018232c03f5df2237a11b48ac877793d1cb5c1bf
    Closes-Bug: #1549311
    Related-Bug: #1462154
    (cherry picked from commit 1cea77b0aafbada6cad89a6fe0f5450004aef4e1)