Allowed_address_pair fixed_ip configured with FloatingIP after getting associated with a VM port does not work with DVR routers
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | neutron |
High
|
Brian Haley | ||
Bug Description
Allowed_
The current code only supports adding in the proper ARP update and port host binding inheritence for the Allowed_
When the floatingIP is added later, it fails.
How to reproduce.
1. Create networks
2. Create vrrp-net.
3. Create vrrp-subnet.
4. Create a DVR router.
5. Attach the vrrp-subnet to the router.
6. Create a VM on the vrrp-subnet
7. Create a VRRP port.
8. Attach the VRRP port with the VM.
9. Now assign a FloatingIP to the VRRP port.
10. Now check the ARP table entry in the router_namespace and also the VRRP port details. The VRRP port is still unbound and so the DVR cannot handle unbound ports.
| Brandon Logan (brandon-logan) wrote : | #1 |
| Changed in neutron: | |
| status: | New → Confirmed |
| importance: | Undecided → Medium |
| Brandon Logan (brandon-logan) wrote : | #2 |
Previous bug report that appears to not have fixed the issue in full
| Changed in neutron: | |
| assignee: | nobody → Swaminathan Vasudevan (swaminathan-vasudevan) |
| status: | Confirmed → In Progress |
For some reason the patch is not showing up here.
This patch should fix the above mentioned issue when fip is delayed.
| denghui huang (huangdenghui) wrote : | #5 |
I also have a question about fix of bug 1445255, what if VRRP IP address float between two fixed port?
| Changed in neutron: | |
| assignee: | Swaminathan Vasudevan (swaminathan-vasudevan) → Brian Haley (brian-haley) |
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: master
commit 3a5315ef8dbc626
Author: Swaminathan Vasudevan <email address hidden>
Date: Tue Apr 12 16:06:41 2016 -0700
DVR: Fix allowed_
Today when allowed_
service port and if a floatingip is associated with the
allowed_
host and the device_owner to which the port is associated.
But when the floatingip is created on the allowed_
port after the port is associated with a dvr service port, then
we apply the right port host binding and the arp_update.
This patch address the issue, by checking for the host binding
when there is a new floatingip configured. If host binding is
missing and if the port happens to be an allowed_
port, then it checks for the associated service port and if there
is a single valid and active service port, then it inherits the
host binding and device owner from the dvr service port and also
applies the right arp entry. If there is are more than one
active ports, then it returns.
Closes-Bug: #1569918
Change-Id: I80a299d3f99113
| Changed in neutron: | |
| status: | In Progress → Fix Released |
Fix proposed to branch: stable/mitaka
Review: https:/
Fix proposed to branch: stable/liberty
Review: https:/
| tags: | added: neutron-proactive-backport-potential |
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: stable/mitaka
commit 85ac60cc8faced1
Author: Swaminathan Vasudevan <email address hidden>
Date: Tue Apr 12 16:06:41 2016 -0700
DVR: Fix allowed_
Today when allowed_
service port and if a floatingip is associated with the
allowed_
host and the device_owner to which the port is associated.
But when the floatingip is created on the allowed_
port after the port is associated with a dvr service port, then
we apply the right port host binding and the arp_update.
This patch address the issue, by checking for the host binding
when there is a new floatingip configured. If host binding is
missing and if the port happens to be an allowed_
port, then it checks for the associated service port and if there
is a single valid and active service port, then it inherits the
host binding and device owner from the dvr service port and also
applies the right arp entry. If there is are more than one
active ports, then it returns.
Closes-Bug: #1569918
Change-Id: I80a299d3f99113
(cherry picked from commit 3a5315ef8dbc626
| tags: | added: in-stable-mitaka |
This issue was fixed in the openstack/neutron 9.0.0.0b2 development milestone.
| Ihar Hrachyshka (ihar-hrachyshka) wrote : | #11 |
Affects Octavia, raising to High.
| Changed in neutron: | |
| importance: | Medium → High |
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: stable/liberty
commit 3c865148704dbb0
Author: Swaminathan Vasudevan <email address hidden>
Date: Tue Apr 12 16:06:41 2016 -0700
DVR: Fix allowed_
Today when allowed_
service port and if a floatingip is associated with the
allowed_
host and the device_owner to which the port is associated.
But when the floatingip is created on the allowed_
port after the port is associated with a dvr service port, then
we apply the right port host binding and the arp_update.
This patch address the issue, by checking for the host binding
when there is a new floatingip configured. If host binding is
missing and if the port happens to be an allowed_
port, then it checks for the associated service port and if there
is a single valid and active service port, then it inherits the
host binding and device owner from the dvr service port and also
applies the right arp entry. If there is are more than one
active ports, then it returns.
Closes-Bug: #1569918
(cherry picked from commit 3a5315ef8dbc626
Conflicts:
neutron/
Change-Id: I80a299d3f99113
| tags: | added: in-stable-liberty |
This issue was fixed in the openstack/neutron 7.1.2 release.
This issue was fixed in the openstack/neutron 8.2.0 release.
| tags: | removed: neutron-proactive-backport-potential |
Octavia's default implementation is affected by this because it makes use of allowed address pairs to deliver HA load balancers.