Disabling/enabling networks in neutron causes traffic loop with linxbridge agent
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| neutron |
New
|
Undecided
|
Unassigned | ||
Bug Description
We observed traffic looping between two linuxbridge agents after a user disabled and then reenabled the network. Disabling a network causes all vethX interfaces to be cleaned from the bridge, but the physical interface remains in the bridge. Disabling the network will also cause a segment release for the segment the network agent is on in a hierarchical port binding setup. When reenabling the network a new VLAN id might be generated for the segment the network agent is on and thus the physical interface will be added with the new VLAN id. With two network agents bridging two different VLANs we get a loop.
Quick mitigation would be to identify the bridge with two physical interfaces in it, identify the stale interface and remove it.
Tested with Neutron Queens. Network was disabled/enabled via openstack network set --disable/--enable $uuid
| sean mooney (sean-k-mooney) wrote | #1 |
| Changed in neutron: | |
| status: | New → Incomplete |
| Johannes Kulik (jkulik) wrote | #2 |
| Changed in neutron: | |
| status: | Incomplete → New |
what release of openstack are you using
i have not found the code path for disabling a network but assuming it just set the adminstate on all the ports to down
that has not removed the interface form the linux bridge since
https:/
https:/
seting the admin state down simply sets the linkstate down.
if disabling the network which sets the admin state of the network down does something other then set the admin state on all the ports on that netorkdown perhaps there is a race? but if its just setting the port down i dont see how that would cause a loop since that would just set the linkstate down.