2020-07-14 16:30:46 |
Lukas Steiner |
description |
After stopping or deleting an instance the linuxbridge-agent tries to clean up the ARP protect firewall rules and fails with
```
neutron_lib.exceptions.ProcessExecutionError: Exit code: 4; Stdin: ; Stdout: ; Stderr: ebtables v1.8.4 (nf_tables): CHAIN_USER_DEL failed (Device or resource busy): chain neutronARP-tapc6f37d57-46
```
Flushing the chain with `ebtables -L chain` before deleting it, seems to solve the problem. Same for the neutronMAC-tapc6f37d57-46 chain. There're two rules which aren't removed before the agent tries to delete the chain:
```
Bridge chain: neutronMAC-tapc6f37d57-46, entries: 1, policy: DROP
-i tapc6f37d57-46 --among-src fa:16:3e:f1:de:e -j RETURN
Bridge chain: neutronARP-tapc6f37d57-46, entries: 1, policy: RETURN
-p ARP --arp-ip-src 192.168.1.148 -j ACCEPT
```
OpenStack Version: ussuri
Linux distro: CentOS 8 |
After stopping or deleting an instance the linuxbridge-agent tries to clean up the ARP protect firewall rules and fails with
```
neutron_lib.exceptions.ProcessExecutionError: Exit code: 4; Stdin: ; Stdout: ; Stderr: ebtables v1.8.4 (nf_tables): CHAIN_USER_DEL failed (Device or resource busy): chain neutronARP-tapc6f37d57-46
```
Flushing the chain with `ebtables -F chain` before deleting it, seems to solve the problem. Same for the neutronMAC-tapc6f37d57-46 chain. There're two rules which aren't removed before the agent tries to delete the chain:
```
Bridge chain: neutronMAC-tapc6f37d57-46, entries: 1, policy: DROP
-i tapc6f37d57-46 --among-src fa:16:3e:f1:de:e -j RETURN
Bridge chain: neutronARP-tapc6f37d57-46, entries: 1, policy: RETURN
-p ARP --arp-ip-src 192.168.1.148 -j ACCEPT
```
OpenStack Version: ussuri
Linux distro: CentOS 8 |
|