ARP advertisement issue with DVR
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| neutron |
New
|
Undecided
|
Ryan Tidwell | ||
Bug Description
Creation of instance in order:
- create instance
- create network port
- assign floating IP to that port
- attach port to the previously created instance
can lead to situation when floating IP assigned to fip namespace in the compute node are not removed yet from snat namespace of the network node and when l3-agent perform arp advert through arping from the compute node actually both of them reply (network snat and compute fip) and upstream router can learn the wrong one MAC (from network node snat). Even after floating IP are deleted from network node snat ustream router keep on sending traffic there because it learned MAC from snat.
That usually happens with HEAT templates like that https:/
Environment: Openstack Stein, Ubuntu 16.04 (kernel 4.15), DVR
| Gaëtan Trellu (goldyfruit) wrote | #2 |
| Brian Haley (brian-haley) wrote | #3 |
| Changed in neutron: | |
| assignee: | nobody → Ryan Tidwell (ryan-tidwell) |
I guess I see how this could maybe happen, since the original port is unbound.
Can the workflow be changed to first attach the port then assign the floating IP?