Public bug reported: Environment: L3 agent configuration: agent_mode=dvr_snat. The L3 agent is located in a controller node, acting as a DVR edge router (no HA).
Description: When "process_floating_ip_nat_rules_for_centralized_floatingip" is called, this method should check first if "self.snat_iptables_manager" has been initialized. The method "process_floating_ip_nat_rules_for_centralized_floatingip" is called from: <-- DvrEdgeRouter.process_floating_ip_nat_rules <-- RouterInfo.process_snat_dnat_for_fip <-- RouterInfo.process_external The method "RouterInfo.process_external" will first call "RouterInfo._process_external_gateway" --> "DvrEdgeRouter.external_gateway_added" --> "DvrEdgeRouter._create_dvr_gateway". This last method initializes the SNAT iptables manager [1] (this code has been around unchanged six years). However "DvrEdgeRouter.external_gateway_added" is only called if "ex_gw_port" exists. That means if the GW port does not exist, the SNAT iptables manager is None. Error example (snippet): https://paste.opendev.org/show/809621/ Steps to Reproduce: (I'm not 100% sure, I still need to check) Create a FIP in a SNAT DVR router without GW port. [1]https://github.com/openstack/neutron/blob/1d450dbddc8c3d34948ab3d9a8346dd491d9cc7c/neutron/agent/l3/dvr_edge_router.py#L196-L198 ** Affects: neutron Importance: Undecided Assignee: Rodolfo Alonso (rodolfo-alonso-hernandez) Status: New ** Changed in: neutron Assignee: (unassigned) => Rodolfo Alonso (rodolfo-alonso-hernandez) ** Description changed: Environment: L3 agent configuration: agent_mode=dvr_snat. The L3 agent is located in a controller node, acting as a DVR edge router (no HA). - Description: When "process_floating_ip_nat_rules_for_centralized_floatingip" is called, this method should check first if "self.snat_iptables_manager" has been initialized. The method "process_floating_ip_nat_rules_for_centralized_floatingip" is called from: - <-- DvrEdgeRouter.process_floating_ip_nat_rules - <-- RouterInfo.process_snat_dnat_for_fip - <-- RouterInfo.process_external - - The method "RouterInfo.process_external" will first call "RouterInfo._process_external_gateway" --> "DvrEdgeRouter.external_gateway_added" --> "DvrEdgeRouter._create_dvr_gateway". This last method initializes the SNAT iptables manager [1] (this code has been around unchanged six years). + <-- DvrEdgeRouter.process_floating_ip_nat_rules + <-- RouterInfo.process_snat_dnat_for_fip + <-- RouterInfo.process_external + + The method "RouterInfo.process_external" will first call + "RouterInfo._process_external_gateway" --> + "DvrEdgeRouter.external_gateway_added" --> + "DvrEdgeRouter._create_dvr_gateway". This last method initializes the + SNAT iptables manager [1] (this code has been around unchanged six + years). However "DvrEdgeRouter.external_gateway_added" is only called if "ex_gw_port" exists. That means if the GW port does not exist, the SNAT iptables manager is None. + Error example (snippet): https://paste.opendev.org/show/809621/ Steps to Reproduce: (I'm not 100% sure, I still need to check) Create a FIP in a SNAT DVR router without GW port. - [1]https://github.com/openstack/neutron/blob/1d450dbddc8c3d34948ab3d9a8346dd491d9cc7c/neutron/agent/l3/dvr_edge_router.py#L196-L198 -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1945215 Title: "process_floating_ip_nat_rules_for_centralized_floatingip" should check if self.snat_iptables_manager was initialized Status in neutron: New Bug description: Environment: L3 agent configuration: agent_mode=dvr_snat. The L3 agent is located in a controller node, acting as a DVR edge router (no HA). Description: When "process_floating_ip_nat_rules_for_centralized_floatingip" is called, this method should check first if "self.snat_iptables_manager" has been initialized. The method "process_floating_ip_nat_rules_for_centralized_floatingip" is called from: <-- DvrEdgeRouter.process_floating_ip_nat_rules <-- RouterInfo.process_snat_dnat_for_fip <-- RouterInfo.process_external The method "RouterInfo.process_external" will first call "RouterInfo._process_external_gateway" --> "DvrEdgeRouter.external_gateway_added" --> "DvrEdgeRouter._create_dvr_gateway". This last method initializes the SNAT iptables manager [1] (this code has been around unchanged six years). However "DvrEdgeRouter.external_gateway_added" is only called if "ex_gw_port" exists. That means if the GW port does not exist, the SNAT iptables manager is None. Error example (snippet): https://paste.opendev.org/show/809621/ Steps to Reproduce: (I'm not 100% sure, I still need to check) Create a FIP in a SNAT DVR router without GW port. [1]https://github.com/openstack/neutron/blob/1d450dbddc8c3d34948ab3d9a8346dd491d9cc7c/neutron/agent/l3/dvr_edge_router.py#L196-L198 To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1945215/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
