neutron

agent/linux/bridge_lib: Not all methods of BridgeDevice respect namespaces

Bug #1799656 reported by Adriaan Schmidt
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Expired
Undecided
Unassigned

Bug Description

Looking at agent/linux/bridge_lib.py, I see that most methods of BridgeDevice use calls to brctl, using a namespace wrapper. They work as expected.

However, some methods (get_interface_bridge, owns_interface, get_interfaces) retrieve information from the file system, and do not work if the bridge device lives in a namespace.

Revision history for this message
Brian Haley (brian-haley) wrote :

Yes, it looks like those methods don't deal with namespaces, but from what I know, the linux bridge agent does not run in a namespace, so this isn't causing a problem. Do you have a case where there is a namespace?

Changed in neutron:
status: New → Incomplete
Revision history for this message
Adriaan Schmidt (adriaan-schmidt) wrote :

I'm writing a device_driver for neutron-vpnaas, similar to the proposed (but then abandoned) SSLVPN (https://wiki.openstack.org/wiki/Neutron/VPNaaS/SSLVPN). This starts an OpenVPN process inside a router namespace, which allows clients to connect to Neutron networks.

For me it is important that the clients are in the same broadcast domain as the instances. So, the current VPNaaS solutions based on IPSEC and policy-based routing don't work for me. My current solution is to configure OpenVPN to use a tap device, and connect this to the router internal port via a bridge, all inside the router namespace.

Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for neutron because there has been no activity for 60 days.]

Changed in neutron:
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.