neutron

When adding another stateless subnet, implicit address allocation happen for port with deferred ip allocation

Bug #1864333 reported by Harald Jensås
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Fix Released
High
Harald Jensås

Bug Description

$ openstack port create \
  --network provider test-port-deferred \
  -c fixed_ips -f yaml
fixed_ips: []

$ openstack subnet create \
  --ipv6-ra-mode dhcpv6-stateless \
  --ipv6-address-mode dhcpv6-stateless \
  --network provider \
  --network-segment provider-segment2 \
  --dhcp \
  --ip-version 6 \
  --subnet-range dead:beef:3::/64 \
  provider-subnet2-2

$ openstack subnet list --network provider -f yaml
- ID: 793bf8ce-f44a-468f-83e0-6c82375081f7
  Name: provider-subnet2-2
  Network: 45b993b2-5224-409e-9756-0be190a19cf5
  Subnet: dead:beef:3::/64
- ID: 926269c1-b05e-4b48-bafe-6be8e9cbd12c
  Name: provider-subnet1
  Network: 45b993b2-5224-409e-9756-0be190a19cf5
  Subnet: dead:beef:1::/64
- ID: cdec94ce-8e3b-4c5b-aba2-13271f8b8b91
  Name: provider-subnet2
  Network: 45b993b2-5224-409e-9756-0be190a19cf5
  Subnet: dead:beef:2::/64

$ openstack port list --network provider -f yaml
- Fixed IP Addresses:
  - ip_address: dead:beef:3:0:f816:3eff:fe9e:67f7
    subnet_id: 793bf8ce-f44a-468f-83e0-6c82375081f7
  ID: 8e2fe6e9-d418-4228-aad8-f5d0704be801
  MAC Address: fa:16:3e:9e:67:f7
  Name: test-port-deferred
  Status: DOWN

$ openstack port show test-port-deferred -f yaml
admin_state_up: true
allowed_address_pairs: []
binding_host_id: ''
binding_profile: {}
binding_vif_details: {}
binding_vif_type: unbound
binding_vnic_type: normal
created_at: '2020-02-22T13:46:51Z'
data_plane_status: null
description: ''
device_id: ''
device_owner: ''
dns_assignment:
- fqdn: host-dead-beef-3-0-f816-3eff-fe9e-67f7.openstackgate.local.
  hostname: host-dead-beef-3-0-f816-3eff-fe9e-67f7
  ip_address: dead:beef:3:0:f816:3eff:fe9e:67f7
dns_domain: ''
dns_name: ''
extra_dhcp_opts: []
fixed_ips:
- ip_address: dead:beef:3:0:f816:3eff:fe9e:67f7
  subnet_id: 793bf8ce-f44a-468f-83e0-6c82375081f7
id: 8e2fe6e9-d418-4228-aad8-f5d0704be801
location:
  cloud: ''
  project:
    domain_id: default
    domain_name: null
    id: 09295b4e443245b6b491c79f283388b9
    name: demo
  region_name: RegionOne
  zone: null
mac_address: fa:16:3e:9e:67:f7
name: test-port-deferred
network_id: 45b993b2-5224-409e-9756-0be190a19cf5
port_security_enabled: true
project_id: 09295b4e443245b6b491c79f283388b9
propagate_uplink_status: false
qos_network_policy_id: null
qos_policy_id: null
resource_request: null
revision_number: 3
security_group_ids:
- a19761db-e6a5-470c-a95f-98255e16b845
status: DOWN
tags: []
trunk_details: null
updated_at: '2020-02-22T13:47:12Z'

Since the port does not have 'binding_host_id' IP allocation on the routed provider network was deffered on create. However when adding another ipv6 stateless subnet, implicit address allocation is added to the port. This allocation should have been deferred.

See original description
Harald Jensås (harald-jensas)
summary: When adding another stateless subnet, implicit address allocation happen
- for port wiht deffered ip allocation
+ for port with deffered ip allocation
summary: When adding another stateless subnet, implicit address allocation happen
- for port with deffered ip allocation
+ for port with deferred ip allocation
description: updated
Revision history for this message
Bernard Cafarelli (bcafarel) wrote :

Confirmed locally, thanks for detailed reproducer!

tags: added: ipv6
Changed in neutron:
status: New → Confirmed
importance: Undecided → High
Revision history for this message
Harald Jensås (harald-jensas) wrote :

The below code is what adds auto-addressing without filtering on segment.

neutron.db.db_base_plugin_v2.NeutronDbPluginV2._create_subnet_postcommit

        # If this subnet supports auto-addressing, then update any
        # internal ports on the network with addresses for this subnet.
        if ipv6_utils.is_auto_address_subnet(result):
            updated_ports = self.ipam.add_auto_addrs_on_network_ports(
                context, result, ipam_subnet)
            for port_id in updated_ports:
                port_info = {'port': {'id': port_id}}
                try:
                    self.update_port(context, port_id, port_info)
                except exc.PortNotFound:
                    LOG.debug("Port %(p)s concurrently deleted while adding "
                              "address for new subnet %(s)s.", {'p': port_id,
                                                                's': result})

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.opendev.org/710546

Changed in neutron:
assignee: nobody → Harald Jensås (harald-jensas)
status: Confirmed → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to neutron (master)

Related fix proposed to branch: master
Review: https://review.opendev.org/710547

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Related fix proposed to branch: master
Review: https://review.opendev.org/711192

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to neutron (master)

Reviewed: https://review.opendev.org/709444
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=7e09e72661b0b3a0f898c20d451e204aa7a17194
Submitter: Zuul
Branch: master

commit 7e09e72661b0b3a0f898c20d451e204aa7a17194
Author: Harald Jensås <email address hidden>
Date: Thu Feb 27 02:38:13 2020 +0100

    Filter subnets on fixed_ips segment

    For v6_stateless IP addresses for all stateless
    subnets within a network are implicitly included.

    When using segments implicitly allocating addresses
    across subnets on different segments is incorrect.
    IPs from subnets on differnt segments was allocated
    when no host binding information was available
    but a subnet_id in fixed_ips request was present.

    This change adds filtering based on segment_id when
    fixed_ips are used. If fixed_ips are not all on the
    same segment exception FixedIpsSubnetsNotOnSameSegment
    is raised.

    Related: rhbz#1803989
    Related-Bug: #1864333
    Related-Bug: #1865138
    Closes-Bug: #1864225
    Change-Id: I336ae76283f29dd226344fb454aaa0e4aac030ea

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.opendev.org/710546
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=3d3dc60408148cf16bc19cccb76b8652f980fa1c
Submitter: Zuul
Branch: master

commit 3d3dc60408148cf16bc19cccb76b8652f980fa1c
Author: Harald Jensås <email address hidden>
Date: Fri Feb 28 03:09:05 2020 +0100

    subnet create - segment aware auto-addr allocation

    When creating additional subnets with ipv6 auto-addressing
    ip allocation was added to existing ports without filtering
    on current allocation's segment.

    This adds fitering to only add auto-address allocation when
    the new subnet is on the same segment as the ports current
    ipam allocations.

    Related: rhbz#1803989
    Related-Bug: #1864225
    Related-Bug: #1865138
    Closes-Bug: #1864333
    Change-Id: I75ae14c64db076434ca9897ba9a6d97702e233ad

Changed in neutron:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to neutron (master)

Reviewed: https://review.opendev.org/710547
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=f987486febb9fbe88232bb9139508981b92147f1
Submitter: Zuul
Branch: master

commit f987486febb9fbe88232bb9139508981b92147f1
Author: Harald Jensås <email address hidden>
Date: Fri Feb 28 22:55:13 2020 +0100

    Deny delete last slaac subnet with allocation on segment

    When a port has only one IP allocation on auto-allocation
    subnet which is associated with a segment, do not allow
    the delete of the subnet. Raise SubnetInUse exception instead.

    Related: rhbz#1803989
    Related-Bug: #1864225
    Related-Bug: #1864333
    Closes-Bug: #1865138
    Change-Id: I9fb0f05ede42afa1a349635b1936028edf540a1f

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Reviewed: https://review.opendev.org/711192
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=c8f2a309836e152c4f08cc8e5735409f992177af
Submitter: Zuul
Branch: master

commit c8f2a309836e152c4f08cc8e5735409f992177af
Author: Harald Jensås <email address hidden>
Date: Wed Mar 4 10:41:35 2020 +0100

    Reno only - Make stateless allocation segment aware

    This add's a releasenote for changes:
     * https://review.opendev.org/709444
     * https://review.opendev.org/710546
     * https://review.opendev.org/710547

    Related-Bug: #1864225
    Related-Bug: #1864333
    Related-Bug: #1865138
    Change-Id: Idc7819340b37bee8ae7841d14d0143fb18ac362a

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to neutron (stable/train)

Related fix proposed to branch: stable/train
Review: https://review.opendev.org/714092

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/train)

Fix proposed to branch: stable/train
Review: https://review.opendev.org/714093

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to neutron (stable/train)

Related fix proposed to branch: stable/train
Review: https://review.opendev.org/714094

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Related fix proposed to branch: stable/train
Review: https://review.opendev.org/714095

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to neutron (stable/train)

Reviewed: https://review.opendev.org/714092
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=16687e39b698bd2d95d343b403fa861de0b6648c
Submitter: Zuul
Branch: stable/train

commit 16687e39b698bd2d95d343b403fa861de0b6648c
Author: Harald Jensås <email address hidden>
Date: Thu Feb 27 02:38:13 2020 +0100

    Filter subnets on fixed_ips segment

    For v6_stateless IP addresses for all stateless
    subnets within a network are implicitly included.

    When using segments implicitly allocating addresses
    across subnets on different segments is incorrect.
    IPs from subnets on differnt segments was allocated
    when no host binding information was available
    but a subnet_id in fixed_ips request was present.

    This change adds filtering based on segment_id when
    fixed_ips are used. If fixed_ips are not all on the
    same segment exception FixedIpsSubnetsNotOnSameSegment
    is raised.

    Related: rhbz#1803989
    Related-Bug: #1864333
    Related-Bug: #1865138
    Closes-Bug: #1864225
    Change-Id: I336ae76283f29dd226344fb454aaa0e4aac030ea
    (cherry picked from commit 7e09e72661b0b3a0f898c20d451e204aa7a17194)

tags: added: in-stable-train
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (stable/train)

Reviewed: https://review.opendev.org/714093
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=c4264b7ded8e5ac3cf5d96eebf5f170d5ea5f9ad
Submitter: Zuul
Branch: stable/train

commit c4264b7ded8e5ac3cf5d96eebf5f170d5ea5f9ad
Author: Harald Jensås <email address hidden>
Date: Fri Feb 28 03:09:05 2020 +0100

    subnet create - segment aware auto-addr allocation

    When creating additional subnets with ipv6 auto-addressing
    ip allocation was added to existing ports without filtering
    on current allocation's segment.

    This adds fitering to only add auto-address allocation when
    the new subnet is on the same segment as the ports current
    ipam allocations.

    Related: rhbz#1803989
    Related-Bug: #1864225
    Related-Bug: #1865138
    Closes-Bug: #1864333
    Change-Id: I75ae14c64db076434ca9897ba9a6d97702e233ad
    (cherry picked from commit 3d3dc60408148cf16bc19cccb76b8652f980fa1c)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to neutron (stable/train)

Reviewed: https://review.opendev.org/714094
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=259049e25e6bb3cfb84fc75972456c548d00ed9e
Submitter: Zuul
Branch: stable/train

commit 259049e25e6bb3cfb84fc75972456c548d00ed9e
Author: Harald Jensås <email address hidden>
Date: Fri Feb 28 22:55:13 2020 +0100

    Deny delete last slaac subnet with allocation on segment

    When a port has only one IP allocation on auto-allocation
    subnet which is associated with a segment, do not allow
    the delete of the subnet. Raise SubnetInUse exception instead.

    Related: rhbz#1803989
    Related-Bug: #1864225
    Related-Bug: #1864333
    Closes-Bug: #1865138
    Change-Id: I9fb0f05ede42afa1a349635b1936028edf540a1f
    (cherry picked from commit f987486febb9fbe88232bb9139508981b92147f1)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Reviewed: https://review.opendev.org/714095
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=26ddb076b848e1585582fcee635fbdea337bfde5
Submitter: Zuul
Branch: stable/train

commit 26ddb076b848e1585582fcee635fbdea337bfde5
Author: Harald Jensås <email address hidden>
Date: Wed Mar 4 10:41:35 2020 +0100

    Reno only - Make stateless allocation segment aware

    This add's a releasenote for changes:
     * https://review.opendev.org/709444
     * https://review.opendev.org/710546
     * https://review.opendev.org/710547

    Related-Bug: #1864225
    Related-Bug: #1864333
    Related-Bug: #1865138
    Change-Id: Idc7819340b37bee8ae7841d14d0143fb18ac362a
    (cherry picked from commit c8f2a309836e152c4f08cc8e5735409f992177af)

Bernard Cafarelli (bcafarel)
tags: added: neutron-proactive-backport-potential
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/stein)

Fix proposed to branch: stable/stein
Review: https://review.opendev.org/751194

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to neutron (stable/stein)

Related fix proposed to branch: stable/stein
Review: https://review.opendev.org/751195

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/rocky)

Fix proposed to branch: stable/rocky
Review: https://review.opendev.org/751197

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to neutron (stable/rocky)

Related fix proposed to branch: stable/rocky
Review: https://review.opendev.org/751198

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (stable/queens)

Fix proposed to branch: stable/queens
Review: https://review.opendev.org/751201

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to neutron (stable/queens)

Related fix proposed to branch: stable/queens
Review: https://review.opendev.org/751202

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on neutron (stable/stein)

Change abandoned by Slawek Kaplonski (<email address hidden>) on branch: stable/stein
Review: https://review.opendev.org/751194
Reason: It seems like there is more dependencies for that patch and I don't think we really need to backport it.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Change abandoned by Slawek Kaplonski (<email address hidden>) on branch: stable/stein
Review: https://review.opendev.org/751195
Reason: It seems like there is more dependencies for that patch and I don't think we really need to backport it.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on neutron (stable/rocky)

Change abandoned by Slawek Kaplonski (<email address hidden>) on branch: stable/rocky
Review: https://review.opendev.org/751197
Reason: It seems like there is more dependencies for that patch and I don't think we really need to backport it.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Change abandoned by Slawek Kaplonski (<email address hidden>) on branch: stable/rocky
Review: https://review.opendev.org/751198
Reason: It seems like there is more dependencies for that patch and I don't think we really need to backport it.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on neutron (stable/queens)

Change abandoned by Slawek Kaplonski (<email address hidden>) on branch: stable/queens
Review: https://review.opendev.org/751201
Reason: It seems like there is more dependencies for that patch and I don't think we really need to backport it.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Change abandoned by Slawek Kaplonski (<email address hidden>) on branch: stable/queens
Review: https://review.opendev.org/751202
Reason: It seems like there is more dependencies for that patch and I don't think we really need to backport it.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.