neutron router-gateway-set --enable-snat fails
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-neutronclient |
Fix Released
|
Undecided
|
Rodion Tikunov |
Bug Description
I have a Mitaka environment with 1 control node and 3 compute nodes, all physical machines running on openSUSE Leap 42.1.
My version of neutron client:
---cut here---
control1:~ # rpm -qi python-
Name : python-
Version : 3.1.1
Release : 1.1
Architecture: noarch
Install Date: Mo 11 Apr 2016 12:13:44 CEST
Group : Development/
Size : 2079132
License : Apache-2.0
Signature : RSA/SHA1, Do 03 Mär 2016 16:46:07 CET, Key ID 893a90dad85f9316
Source RPM : python-
Build Date : Do 03 Mär 2016 16:45:27 CET
Build Host : cloud118
Relocations : (not relocatable)
Vendor : obs://build.
URL : http://
Summary : Openstack Network (Quantum) API Client
---cut here---
Changing the router property "enable_snat" works only in one direction. The resource description in Horizon for "resource_
enable_snat: {description: 'Enables Source [...] update_allowed: true}
So trying to update this property in CLI (as project admin) seems to work:
control1:~ # neutron router-gateway-set --enable-snat <ROUTER_ID> <NETWORK_ID>
Set gateway for router cbc39730-
But actually no change has been made:
control1:~ # neutron router-list
+------
| id | name | external_
+------
| cbc39730... | router01 | {"network_id": "ID", "enable_snat": false, [...]|
+------
I know there's no such option in the help page for router-gateway-set command, but if there's not I'd expect an error message. Or if it's a valid option it should actually change this property.
Steps to reproduce:
1. Create a router with snat disabled
2. Try to enable snat via command line
Expected output:
Along with the success message ("Set gateway for router...") it should either actually enable snat or throw an error message ("unknown option" or something similar).
Actual output:
Success message saying router-gateway has been set, but the argument "--enable-snat" is ignored, no changes have been applied.
I will be out of office for the next three weeks, I'll set my co-worker in cc to this bug. If there are any questions on this issue he will try to answer them.
Changed in neutron: | |
status: | New → Confirmed |
Changed in neutron: | |
assignee: | Zhenmei (zma-4) → Rodion Tikunov (rtikunov) |
status: | Confirmed → In Progress |
Changed in neutron: | |
status: | In Progress → Fix Released |
tags: | removed: neutron router-gateway-set router-update snat |
affects: | neutron → python-neutronclient |
To add a bit more of detail:
The behavior is related to neutron's "enable_ snat_by_ default" setting:
- if it's set to "true" (which is the default value), then a newly created router will have "enable_snat" set to true (expected) and you can change that setting via CLI (expected)
- if it's set to "false", then a newly created router will have "enable_snat" set to false (expected) and you cannot change that setting via CLI (which is unexpected)
Below terminal log show the following sequence of commands and results:
- enable_ snat_by_ default is set to true (and neutron restarted, to use that setting) snat_by_ default is set to false (and neutron restarted, to use that setting)
- the router settings show "enable_snat": true (which was created previously)
- "neutron router-gateway-set --disable-snat" and "--enable-snat" is invoked on that router, without returning errors, and the router settings are positively changed
- enable_
- "neutron router-gateway-set --disable-snat" and "--enable-snat" is invoked on that router, without returning errors. "disable" actually disables SNAT, while "enable" does not change back to enabled state.
--- cut here --- snat_by_ default /etc/neutron/ neutron. conf snat_by_ default = true neutron. service ------- ------- ------- ------- ----+-- ------- ------- +------ ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- +------ ------- +------ -+ gateway_ info | distributed | ha | ------- ------- ------- ------- ----+-- ------- ------- +------ ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- +------ ------- +------ -+ 34cc-4d18- 986a-5b6b9b1b4e 96 | ebl-router01 | {"network_id": "18db85e5- 36aa-4669- 9004-9ec43baad3 f2", "enable_snat": true, "external_ fixed_ips" : [{"subnet_id": "dafed1c4- da5b-4557- bf18-cc7f9266f8 2a", "ip_address": "192.168.164.40"}]} | False | False | ------- ------- ------- ------- ----+-- ------- ------- +------ ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- +------ ------- +------ -+ 34cc-4d18- 986a-5b6b9b1b4e 96 18db85e5- 36aa-4669- 9004-9ec43baad3 f2 34cc-4d18- 986a-5b6b9b1b4e 96 ------- ------- ------- ------- ----+-- ------- ------- +------ ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- ------- -+----- ------- -+----. ..
control1:~ # grep enable_
enable_
control1:~ # systemctl restart openstack-
control1:~ # neutron router-list
+------
| id | name | external_
+------
| cbc39730-
+------
control1:~ # neutron router-gateway-set --disable-snat cbc39730-
Set gateway for router cbc39730-
control1:~ # neutron router-list
+------