neutron

Bug #1593354
Activity log

Activity log for bug #1593354

Date	Who	What changed	Old value	New value	Message
2016-06-16 17:45:18	Hao Chen	bug			added bug
2016-06-16 18:56:51	Hao Chen	description	I have a mitaka openstack deployment with neutron DVR enabled. When I try to test the snat HA failover I found that even though the snat namespace was created on the other backup node, it doesn't has any nat rule in snat namespace iptable. And run "ip a" in the sant namespace you will find the sg port is missing. Here is what I found on the second neutron network node sandy-pistachio:/opt/openstack # ip netns qrouter-e25b81f9-8810-4654-9be0-ebac09c700fb qdhcp-abe36e89-f7a5-4cbd-a7e4-852d80ed92d6 snat-e25b81f9-8810-4654-9be0-ebac09c700fb sandy-pistachio:/opt/openstack # ip netns exec snat-e25b81f9-8810-4654-9be0-ebac09c700fb ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 70: qg-cc3b2f8c-b7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default link/ether fa:16:3e:cb:27:cd brd ff:ff:ff:ff:ff:ff inet 10.240.117.98/28 brd 10.240.117.111 scope global qg-cc3b2f8c-b7 valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fecb:27cd/64 scope link valid_lft forever preferred_lft forever sandy-pistachio:/opt/openstack # ip netns exec snat-e25b81f9-8810-4654-9be0-ebac09c700fb iptables -L -n -v -t nat Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination sandy-pistachio:/opt/openstack #	I have a mitaka openstack deployment with neutron DVR enabled. When I try to test the snat HA failover I found that even though the snat namespace was created on the other backup node, it doesn't has any nat rule in snat namespace iptable. And run "ip a" in the sant namespace you will find the sg port is missing. Here is what I found on the second neutron network node sandy-pistachio:/opt/openstack # ip netns qrouter-e25b81f9-8810-4654-9be0-ebac09c700fb qdhcp-abe36e89-f7a5-4cbd-a7e4-852d80ed92d6 snat-e25b81f9-8810-4654-9be0-ebac09c700fb sandy-pistachio:/opt/openstack # ip netns exec snat-e25b81f9-8810-4654-9be0-ebac09c700fb ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 70: qg-cc3b2f8c-b7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default link/ether fa:16:3e:cb:27:cd brd ff:ff:ff:ff:ff:ff inet 10.240.117.98/28 brd 10.240.117.111 scope global qg-cc3b2f8c-b7 valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fecb:27cd/64 scope link valid_lft forever preferred_lft forever sandy-pistachio:/opt/openstack # ip netns exec snat-e25b81f9-8810-4654-9be0-ebac09c700fb iptables -L -n -v -t nat Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Here are the package information: provo-pistachio:/opt/openstack # zypper info openstack-neutron Loading repository data... Reading installed packages... Information for package openstack-neutron: ------------------------------------------ Repository: Mitaka Name: openstack-neutron Version: 8.1.1~a0~dev32-2.1 Arch: noarch Vendor: obs://build.opensuse.org/Cloud:OpenStack Installed: Yes Status: up-to-date Installed Size: 235.1 KiB Summary: OpenStack Network Description: Neutron is a virtual network service for Openstack. Just like OpenStack Nova provides an API to dynamically request and configure virtual servers, Neutron provides an API to dynamically request and configure virtual networks. These networks connect "interfaces" from other OpenStack services (e.g., vNICs from Nova VMs). The Neutron API supports extensions to provide advanced network capabilities (e.g., QoS, ACLs, network monitoring, etc) provo-pistachio:/opt/openstack # zypper info openstack-neutron-openvswitch-agent Loading repository data... Reading installed packages... Information for package openstack-neutron-openvswitch-agent: ------------------------------------------------------------ Repository: Mitaka Name: openstack-neutron-openvswitch-agent Version: 8.1.1~a0~dev32-2.1 Arch: noarch Vendor: obs://build.opensuse.org/Cloud:OpenStack Installed: Yes Status: up-to-date Installed Size: 14.9 KiB Summary: OpenStack Network - Open vSwitch Description: This package provides the OpenVSwitch Agent. provo-pistachio:/opt/openstack # zypper info openstack-neutron-l3-agent Loading repository data... Reading installed packages... Information for package openstack-neutron-l3-agent: --------------------------------------------------- Repository: Mitaka Name: openstack-neutron-l3-agent Version: 8.1.1~a0~dev32-2.1 Arch: noarch Vendor: obs://build.opensuse.org/Cloud:OpenStack Installed: Yes Status: up-to-date Installed Size: 24.7 KiB Summary: OpenStack Network Service (Neutron) - L3 Agent Description: This package provides the L3 Agent.
2016-06-16 18:58:21	Assaf Muller	tags		l3-dvr-backlog l3-ha
2016-07-06 13:33:57	Swaminathan Vasudevan	bug			added subscriber Adolfo Duarte
2016-09-06 14:47:51	John Schwarz	neutron: status	New	Incomplete
2016-09-07 15:36:21	John Schwarz	neutron: status	Incomplete	New
2016-10-06 23:48:36	Swaminathan Vasudevan	neutron: status	New	Invalid