Public bug reported:
Hi All
Currently in the neturon floating ip associate code, there is a
limitation that if the port's network is not connected to any router,
then the floating ip cannot be associated.
(neutron) floatingip-associate 52a8cbea-cc3c-4162-8a16-bf7f31a92622
d40331e7-7c16-4ba5-ac38-44d805eb9cc0
External network cb3ac47c-60be-4754-a540-ee03e9b3668c is not reachable from
subnet 14c83a82-ca86-45ad-93e4-a14720cfec54. Therefore, cannot associate Port
d40331e7-7c16-4ba5-ac38-44d805eb9cc0 with a Floating IP.
Neutron server returns request_ids: ['req-91073bb6-a54e-4a6c-8400-4499e53a940d']
(neutron)
This behavior is right in normal case, but there is a real case will be blocked:
See the attached use case picture, we deployed a pfSense as router, the
private-network-1 is not connected to the router but connect to the pfSense as
the default gw. And in the router, we added a static route that any traffic
going to the private-network-1 nexthop to pfSense. In case, we can not set the
floating ip for the vm1.
So we suggest, when associating floating ip, neutron should not only
check the direct connected subnets, but also check the whether there're
static route can cover that port.
Thanks,
Bali
** Affects: neutron
Importance: Undecided
Status: New
** Attachment added: "user case with static route"
https://bugs.launchpad.net/bugs/1616317/+attachment/4726777/+files/fw%20topo%20after%20fw%20enabled%20vm1-ext.jpeg
** Summary changed:
- floatingip cannot be associated when there's static route to the network
+ floatingip cannot be associated even there's static route to the network
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1616317
Title:
floatingip cannot be associated even there's static route to the
network
Status in neutron:
New
Bug description:
Hi All
Currently in the neturon floating ip associate code, there is a
limitation that if the port's network is not connected to any router,
then the floating ip cannot be associated.
(neutron) floatingip-associate 52a8cbea-cc3c-4162-8a16-bf7f31a92622
d40331e7-7c16-4ba5-ac38-44d805eb9cc0
External network cb3ac47c-60be-4754-a540-ee03e9b3668c is not reachable from
subnet 14c83a82-ca86-45ad-93e4-a14720cfec54. Therefore, cannot associate Port
d40331e7-7c16-4ba5-ac38-44d805eb9cc0 with a Floating IP.
Neutron server returns request_ids:
['req-91073bb6-a54e-4a6c-8400-4499e53a940d']
(neutron)
This behavior is right in normal case, but there is a real case will be
blocked:
See the attached use case picture, we deployed a pfSense as router, the
private-network-1 is not connected to the router but connect to the pfSense as
the default gw. And in the router, we added a static route that any traffic
going to the private-network-1 nexthop to pfSense. In case, we can not set the
floating ip for the vm1.
So we suggest, when associating floating ip, neutron should not only
check the direct connected subnets, but also check the whether
there're static route can cover that port.
Thanks,
Bali
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1616317/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
