neutron

gateway update restriction should apply only to router interfaces

Bug #1532004 reported by Kevin Benton
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Fix Released
Low
Kevin Benton
neutron mitaka-3 "m3"

Bug Description

The restriction that prevents a subnet's gateway IP from being updated if it points to an IP in use by a port can get the subnet in a stuck state without messing with a port if the wrong gateway_ip is set.

Take the following example:

administrator@13:35:25:~/code/neutron$ neutron subnet-create bojangles 10.0.0.0/24 --name=bojangles --allocation-pool start=10.0.0.3,end=10.0.0.250
Created a new subnet:
+-------------------+--------------------------------------------+
| Field | Value |
+-------------------+--------------------------------------------+
| allocation_pools | {"start": "10.0.0.3", "end": "10.0.0.250"} |
| cidr | 10.0.0.0/24 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 10.0.0.1 |
| host_routes | |
| id | 21c9a4b3-a1d0-402f-8e1e-b463236cc612 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | bojangles |
| network_id | 3c6ca69c-7662-441e-abc3-7a104aa603a1 |
| subnetpool_id | |
| tenant_id | de56db175c1d48b0bbe72f09a24a3b66 |
+-------------------+--------------------------------------------+

administrator@13:35:58:~/code/neutron$ neutron port-create bojangles --fixed-ip ip_address=10.0.0.2
Created a new port:
+-----------------------+--------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------------------------------------------------------------------+
| admin_state_up | True |
| allowed_address_pairs | |
| binding:host_id | |
| binding:profile | {} |
| binding:vif_details | {} |
| binding:vif_type | unbound |
| binding:vnic_type | normal |
| device_id | |
| device_owner | |
| dns_assignment | {"hostname": "host-10-0-0-2", "ip_address": "10.0.0.2", "fqdn": "host-10-0-0-2.openstacklocal."} |
| dns_name | |
| fixed_ips | {"subnet_id": "21c9a4b3-a1d0-402f-8e1e-b463236cc612", "ip_address": "10.0.0.2"} |
| id | 3cc9c4a0-1ea7-4353-a5e0-f112adf5fad8 |
| mac_address | fa:16:3e:09:d2:29 |
| name | |
| network_id | 3c6ca69c-7662-441e-abc3-7a104aa603a1 |
| port_security_enabled | True |
| security_groups | fa5cdb36-85e1-4182-bd08-d2ad22b5eb5b |
| status | DOWN |
| tenant_id | de56db175c1d48b0bbe72f09a24a3b66 |
+-----------------------+--------------------------------------------------------------------------------------------------+
administrator@13:36:05:~/code/neutron$ neutron subnet-update bojangles --gateway_ip=10.0.0.2
Updated subnet: bojangles
administrator@13:36:14:~/code/neutron$ neutron subnet-update bojangles --gateway_ip=10.0.0.1
Current gateway ip 10.0.0.2 already in use by port 3cc9c4a0-1ea7-4353-a5e0-f112adf5fad8. Unable to update.

The subnet is now pinned to the 10.0.0.2 port so the user will have to destroy the port or update it's fixed IP before the subnet gateway can be changed. If the port belongs to an active VM, this is disruptive.

The restriction should be loosened to only apply to router ports, which is what it was originally intended for (https://bugs.launchpad.net/neutron/+bug/1186322).

Kevin Benton (kevinbenton)
Changed in neutron:
assignee: nobody → Kevin Benton (kevinbenton)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/264996

Changed in neutron:
status: New → In Progress
Kevin Benton (kevinbenton)
Changed in neutron:
importance: Undecided → Low
Carl Baldwin (carl-baldwin)
Changed in neutron:
milestone: none → mitaka-3
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/264996
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=30dab936e602cba7e35806e8a558b53eb8936f48
Submitter: Jenkins
Branch: master

commit 30dab936e602cba7e35806e8a558b53eb8936f48
Author: Kevin Benton <email address hidden>
Date: Thu Jan 7 14:28:24 2016 -0800

    Only restrict gateway_ip change for router ports

    The subnet update code was restricting gateway_ip changes if the
    existing gateway IP belonged to a Neutron port. This was implemented
    because changing the gateway will break all floating IP addresses if
    the gateway is a Neutron router. However, this restriction makes it
    possible to get a subnet stuck to an IP address that belongs to another
    port (e.g. a compute port) so the user has to either delete the port
    or change it's IP, both of which are disruptive.

    This patch just changes the restriction so it only prevents gateway
    IP changes if the current gateway IP belongs to a router. This
    preserves the intent of the original change while allowing the subnet
    to be updated off of IP addresses that belong to normal ports.

    Change-Id: I4691505ef2fad6019e0d2fd80ff1b9e157662a29
    Closes-bug: #1532004

Changed in neutron:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.