The neutron DHCP agent does not issue leases for ports that don't exist in the Neutron DB. There was a time when it would issue a DHCPNAK to other DHCP traffic[1], but that's been fixed for quite some time now. perhaps that was the bad behavior in Juno that you observed?
1. http://lists.openstack.org/pipermail/openstack-dev/2015-May/064725.html On Tue, Aug 30, 2016 at 7:44 AM, Satish Patel <satish....@gmail.com> wrote: > Robert, > > I didn't find any related configuration which blacklist mac address on > Mitaka. also i didn't find any document stated that DHCP agent only > gives ip address to instance mac address. > > Do you point me to any doc or any kind of material > > On Fri, Aug 26, 2016 at 4:07 PM, Van Leeuwen, Robert > <rovanleeu...@ebay.com> wrote: > > Are you sure it was DHCP misbehaving? > > Because it could also have been that it tried to takeover the gateway IP. > > That would certainly mess with connectivity on the network. > > > > Just mentioning because you gave the example --router:external while I > think it should be --router:external True > > > > Also if it is dhcp misbehaving you might be able to fix it with the > dnsmasq_config_file option in the dhcp agent. You can probably blacklist > everything that does not start with the OpenStack MAC range. (Base_mac > setting) > > > > I currently don't have a setup to reproduce this so I cannot be 100% > sure about the details or if this works ;-) > > > > Cheers, > > Robert van Leeuwen > > > > > >> On 26 Aug 2016, at 18:58, Satish Patel <satish....@gmail.com> wrote: > >> > >> Robert, > >> > >> I remembered in JUNO release when i did flat network with my existing > >> provider LAN then DHCP started giving IPs to my existing LAN clients > >> and people started yelling their network is down :( > >> > >> Following networking i configured. > >> > >> #neutron net-create network1 --provider:network_type flat > >> --provider:physical_network extnet --router:external --shared > >> > >> #neutron subnet-create --name subnet1 --enable_dhcp=True > >> --allocation-pool=start=10.0.3.160,end=10.0.3.166 --gateway=10.0.0.1 > >> network1 10.0.0.0/21 > >> > >> After realizing issue i have changed --enable_dhcp=False > >> > >> On Fri, Aug 26, 2016 at 2:35 AM, Van Leeuwen, Robert > >> <rovanleeu...@ebay.com> wrote: > >>>> When i was trying to use DHCP in openstack i found openstack DHCP > >>>> start provide ip address to my existing LAN machines ( we are using > >>>> flat VLAN with neutron), that is why i disable openstack DHCP, Is it > >>>> common or i am doing something wrong? > >>> > >>> I do not think this should happen. > >>> It has been a while (Folsom) since I touched a setup with mixed “LAN” > and OpenStack DHCP but IIRC it works like this: > >>> > >>> AFAIK the leases file neutron uses is very specific and will only > reply to the mac-addresses that are in the dnsmasq config. > >>> Looking at the dnsmasq process it is set to static: > >>> From the man page: > >>> The optional <mode> keyword may be static which tells dnsmasq to > enable DHCP for the network specified, but not to dynamically allocate IP > addresses, only hosts which have static addresses given via dhcp-host or > from /etc/ethers will be served. > >>> > >>> Usually the problem is the other way around: > >>> The existing DHCP in the “lan” bites with what OpenStack does. (so an > OpenStack instance gets an IP from the lan DHCP) > >>> This can be prevented by blacklisting the MAC address range your > instances get in your lan dhcp (Blacklist MAC starting with fa:16:3e ) > >>> > >>> Cheers, > >>> Robert van Leeuwen > >>> > > _______________________________________________ > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/ > openstack > Post to : openstack@lists.openstack.org > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/ > openstack >
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
