after FIP is assigned vm lost network connection
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Expired
|
Undecided
|
Unassigned |
Bug Description
Description
===========
There are private (internal) and public (external for FIP) networks in OpenStack project, also there is router with gateway and external net and interface as internal net. After server is created without FIP and only internal net, it has Internet access. After FIP is assigned the vm looses its connection.
Steps to reproduce
==================
1. Create network_0:
name: internal
external: false
provider_
provider_
create_subnet: true
cidr: 192.168.33.0/24
no_gateway_ip: false
allocation_
allocation_
enable_dhcp: true
2. Create network_1:
name: external
external: true
provider_
provider_
provider_
create_subnet: true
cidr: 10.100.148.0/22
gateway_ip: 10.100.151.254
allocation_
allocation_
enable_dhcp: false
3. Create router:
name: router_1
interfaces: [internal_subnet]
network: external
4. Create server:
flavor with ram: 1Gb, disk: 10Gb, vcpus: 1
image: cirros-0.4.0-x86_64
name: testing_config
network: internal
5. Open virtual console using Horizon and log in, ping 8.8.8.8. It executes successfully
6. Create Create floating_ip:
network: external
server: testing_config
7. SSH virtual machine by assigned floating ip.
8. Ping 8.8.8.8. The command stucks
Expected result
===============
Successful ping on Step 8
Actual result
=============
Ping on Step 8 stucks
Environment
===========
I have deployed OpenStack Ussuri with 3 controllers and 2 computes with Pacemaker and PacemakerRemote.
OpenStack is containerized using Podman and all the containers are from tripleomaster and have tag 0b5ec707ab4c049
Neutron configuration:
[DEFAULT]
debug=False
log_dir=
control_
bind_host=
auth_strategy=
core_plugin=ml2
host=overcloud-
dns_domain=
dhcp_agents_
dhcp_agent_
allow_overlappi
global_
vlan_transparen
service_
notify_
notify_
l3_ha=False
max_l3_
api_workers=12
rpc_workers=12
router_
allow_automatic
[database]
connection=
max_retries=-1
db_max_retries=-1
[keystone_
www_authenticat
region_
memcached_
auth_type=password
auth_url=http://
username=neutron
password=
user_domain_
project_
project_
[oslo_concurrency]
lock_path=
[oslo_messaging
driver=noop
[oslo_messaging
heartbeat_
[oslo_middleware]
enable_
[oslo_policy]
policy_
[agent]
root_helper=sudo neutron-rootwrap /etc/neutron/
[nova]
auth_url=http://
username=nova
password=
project_
project_
user_domain_
region_
endpoint_
auth_type=password
[placement]
auth_url=http://
username=nova
password=
project_
project_
user_domain_
region_
auth_type=password
[ovs]
igmp_snooping_
[quotas]
quota_port=500
quota_security_
quota_firewall_
quota_network_
quota_packet_
Changed in neutron: | |
status: | New → Incomplete |
status: | Incomplete → New |
status: | New → Incomplete |
Hi,
what version of OVN do you use? There was a recent bug for SNAT traffic: /github. com/ovn- org/ovn/ commit/ fda9a1dd3c995f2 5cad9e828e701f8 b41d347bbb
https:/
It is fixed in OVN v20.06.0
Also I see you use VLAN provider network, which requires some extra settings to work with DVR. Do you have DVR enabled?