[Bug 195982] Re: Shift key (and caps lock) stop working when using VMWare
Like others, I have the same problem - Hardy with 2.6.24-16 kernel (amd64) running vmplayer 2.0.3 build-80004. If I highlight any text inside the vm (running XP) and ctrl-c to copy everything stops working - setxkbmap did fix it for me though. -- Shift key (and caps lock) stop working when using VMWare https://bugs.launchpad.net/bugs/195982 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1783654] Re: DVR process flow not installed on physical bridge for shared tenant network
Rodolfo - yes, we need both https://review.openstack.org/#/c/595496/ and https://review.openstack.org/#/c/595490/ picked to stable/rocky. I even dropped a note in the first one, just forgot to push the button: "I saw this was picked to stable/queens, we need it in stable/rocky as well I believe." -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1783654 Title: DVR process flow not installed on physical bridge for shared tenant network To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1783654/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1252900] Re: Directional network performance issues with Neutron + OpenvSwitch
** Changed in: neutron Status: Incomplete => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1252900 Title: Directional network performance issues with Neutron + OpenvSwitch To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1252900/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1668410] Re: [SRU] Infinite loop trying to delete deleted HA router
** Changed in: neutron Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1668410 Title: [SRU] Infinite loop trying to delete deleted HA router To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1668410/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1750777] Re: openvswitch agent eating CPU, time spent in ip_conntrack.py
Corey - I was going to reply to your upstream announcement to pick this up, we're just waiting on the 12.0.2 tag to merge. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1750777 Title: openvswitch agent eating CPU, time spent in ip_conntrack.py To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1750777/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1896506] Re: keepalived_use_no_track default=True breaks bionic deploys
Slawek - do you want to take this? ** Changed in: neutron Importance: Undecided => High ** Changed in: neutron Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1896506 Title: keepalived_use_no_track default=True breaks bionic deploys To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1896506/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1813007] Re: Unable to install new flows on compute nodes when having broken security group rules
I'll work on this change, think I have a fix, just need to get some reviews. ** Changed in: neutron Importance: Undecided => Critical ** Changed in: neutron Status: New => Confirmed ** Changed in: neutron Assignee: (unassigned) => Brian Haley (brian-haley) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1813007 Title: Unable to install new flows on compute nodes when having broken security group rules To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1813007/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1832210] Re: incorrect decode of log prefix under python 3
** Changed in: neutron Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1832210 Title: incorrect decode of log prefix under python 3 To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1832210/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1622002] Re: dhcp_release6 can be called when it is not present
The NoFilterMatched is actually because the grenade job doesn't automatically update dhcp.filters, I have a fix proposed there that I'll update with this bug info, https://review.openstack.org/#/c/371015/ There is still a fix required for neutron to catch when we don't have dhcp_release6, I'll update the existing patch based on multiple comments from Ihar and others. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1622002 Title: dhcp_release6 can be called when it is not present To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1622002/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1749425] Re: Neutron integrated with OpenVSwitch drops packets and fails to plug/unplug interfaces from OVS on router interfaces at scale
You described a lot of issues in comment #14: * Missing interfaces inside qrouter namespaces (OVS taps) * Missing iptables rules * Missing floating IP aliases on OVS interfaces inside the qrouter namespaces Some of those might be fixed in master, especially the iptables one, and should have been cherry-picked to the stable branches but probably only to Ocata. The "add floating ip" path should re-queue the message and retry in a second or two, if it doesn't then please see if there is a trackback and put the info here or another bug. There could also be something happening with keepalived where it's not getting things done, since it is managing the VIPs when HA is enabled. Finally, regarding the traceback, I've never seen that before. My first thought is to sprinkle "if instance" in all those code paths, but maybe there's something else going on here that we should figure out. For example, if the initial creation of the instance failed, then a message came to add a floating IP, returning without doing anything (not instance case) isn't what we want to do. This would require some log examination to figure out what exactly happened. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1749425 Title: Neutron integrated with OpenVSwitch drops packets and fails to plug/unplug interfaces from OVS on router interfaces at scale To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1749425/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1749425] Re: Neutron integrated with OpenVSwitch drops packets and fails to plug/unplug interfaces from OVS on router interfaces at scale
And just as a follow-on to my previous comment - is it possible to test this with the latest code from the master branch? I know you're running packages from Ubuntu I just didn't want to waste cycles tracking things down that might be fixed already, and maybe just need a backport to a stable branch. That's not saying there isn't a new bug here as there most likely is. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1749425 Title: Neutron integrated with OpenVSwitch drops packets and fails to plug/unplug interfaces from OVS on router interfaces at scale To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1749425/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1622002] Re: dhcp_release6 can be called when it is not present
Christian - I believe we added dnsmasq in order to see about getting v2.76 into LTS (xenial) since having a better dhcpv6 stateful offering would be a good thing. It's currently only in Y. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1622002 Title: dhcp_release6 can be called when it is not present To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1622002/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051935] Re: [OVN] SNAT only happens for subnets directly connected to a router
Just wanted to add the OVN change I mentioned in my comment above as it has not merged yet: https://patchwork.ozlabs.org/project/ovn/patch/20240821085507.394179-1-amu...@redhat.com/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051935 Title: [OVN] SNAT only happens for subnets directly connected to a router To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/2051935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051935] Re: [OVN] SNAT only happens for subnets directly connected to a router
BTW, Terry Wilson found the original neutron bug where this behavior was introduced in neutron, allowing all subnets indirectly connected to a router to use the default SNAT address. https://bugs.launchpad.net/neutron/+bug/1386041 Wanted to make sure that was documented. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051935 Title: [OVN] SNAT only happens for subnets directly connected to a router To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/2051935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2017748] Re: [SRU] OVN: ovnmeta namespaces missing during scalability test causing DHCP issues
Sorry, just clicked the wrong buttons, trying to get this targeted to the UCA back to Ussuri. ** Also affects: neutron/wallaby Importance: Undecided Status: New ** Also affects: neutron/xena Importance: Undecided Status: New ** Also affects: neutron/ussuri Importance: High Assignee: Terry Wilson (otherwiseguy) Status: Fix Released ** Also affects: neutron/victoria Importance: Undecided Status: New ** No longer affects: neutron ** Also affects: neutron Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2017748 Title: [SRU] OVN: ovnmeta namespaces missing during scalability test causing DHCP issues To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2017748/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051935] Re: [OVN] SNAT only happens for subnets directly connected to a router
These are the settings I used for my ml2/ovs devstack: Q_AGENT=openvswitch Q_ML2_PLUGIN_MECHANISM_DRIVERS=openvswitch Q_ML2_TENANT_NETWORK_TYPE=vxlan enable_service q-agt enable_service q-l3 enable_service q-dhcp enable_service q-meta disable_service ovn-controller disable_service ovn-northd disable_service ovs-vswitch disable_service ovsdb-server disable_service q-ovn-metadata-agent enable_service placement enable_service placement-api enable_service placement-client I am currently testing an additional nested router/network, will post the OSC commands when I'm done. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051935 Title: [OVN] SNAT only happens for subnets directly connected to a router To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/2051935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051935] Re: [OVN] SNAT only happens for subnets directly connected to a router
Ok, as I was asked about the case of 3 nested routers (i.e. a network on a private subnet behind 3 total routers, 2 nested on their own private networks), I've tested that as well. Same results - shows a clear regression from ML2/OVS to OVN. Again, I used devstack, this was the latest commit in the neutron tree as these deployments were already running from last try: $ git log -1 commit a8fe0cb369da7312cff2abb8f3e5902d359a6642 Merge: 2d74a93d68 d55c591ecd Author: Zuul Date: Wed Feb 14 15:59:24 2024 + Merge "[OVN] A LRP in an external tunnelled network has no chassis" # Create nested network $ openstack network create private-network-nested $ openstack subnet create --subnet-pool shared-default-subnetpool-v4 --network private-network-nested private-subnet-nested $ openstack router create router-nested $ openstack router add subnet router-nested private-subnet-nested $ openstack port create --network private --fixed-ip subnet=private-subnet,ip-address=10.0.0.62 private-port $ openstack router add port router-nested private-port $ openstack router add route --route destination=10.0.0.64/26,gateway=10.0.0.62 router1 $ openstack router add route --route destination=0.0.0.0/0,gateway=10.0.0.1 router-nested # Create nested network, 3-layers deep $ openstack network create private-network-nested-3 $ openstack subnet create --subnet-pool shared-default-subnetpool-v4 --network private-network-nested-3 private-subnet-nested-3 $ openstack router create router-nested-3 $ openstack router add subnet router-nested-3 private-subnet-nested-3 $ openstack port create --network private-network-nested --fixed-ip subnet=private-subnet-nested,ip-address=10.0.0.126 private-port-2 $ openstack router add port router-nested-3 private-port-2 $ openstack router add route --route destination=0.0.0.0/0,gateway=10.0.0.65 router-nested-3 $ openstack router add route --route destination=10.0.0.128/26,gateway=10.0.0.62 router1 $ openstack router add route --route destination=10.0.0.128/26,gateway=10.0.0.126 router-nested # Launch an instance on doubly-nested network $ openstack server create --flavor 1 --image cirros-0.6.2-x86_64-disk --key-name devstackkeypair --network private-network-nested-3 test_server1 # Open console of test_server1 # ping 8.8.8.8 (fail) # Does not work with OVN $ sudo ovn-nbctl lr-nat-list neutron-034efa05-5717-4e77-b131-b79920ec2a24 TYPE EXTERNAL_IPEXTERNAL_PORTLOGICAL_IP EXTERNAL_MAC LOGICAL_PORT snat 172.24.4.12210.0.0.0/26 # Does work with OVN with the proposed patch # ping 8.8.8.8 (success) $ sudo ovn-nbctl lr-nat-list neutron-034efa05-5717-4e77-b131-b79920ec2a24 TYPE EXTERNAL_IPEXTERNAL_PORTLOGICAL_IP EXTERNAL_MAC LOGICAL_PORT snat 172.24.4.12210.0.0.0/26 snat 172.24.4.12210.0.0.128/26 snat 172.24.4.12210.0.0.64/26 # Does work with ML2/OVS, running same exact commands as above. # ping 8.8.8.8 (success) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051935 Title: [OVN] SNAT only happens for subnets directly connected to a router To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/2051935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051935] Re: [OVN] SNAT only happens for subnets directly connected to a router
So just some additional information. The reporter confirmed their cloud is running HA routers, but not DVR. And talking with Rodolfo on irc reminded me of a proposed change that I finally found: https://review.opendev.org/c/openstack/neutron/+/890459 And the bug for that is: https://bugs.launchpad.net/neutron/+bug/2029722 (Routed subnets cannot use snat) So this scenario works for "legacy" routers, but not for DVR. It should work for HA although Rodolfo tried and could not get it to work. So in my opinion, this is a bug in DVR routers and a regression with OVN routers. As Rodolfo mentioned, he has reached out to the OVN cores for advice. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051935 Title: [OVN] SNAT only happens for subnets directly connected to a router To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/2051935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2026757] Re: dnsmasq on Ubuntu Jammy crashes on neutron-dhcp-agent updates
From that trace, it looks like it is in this code in dhcp_config_free()
when it makes the free() call:
#ifdef HAVE_DHCP6
if (config->flags & CONFIG_ADDR6)
{
struct addrlist *addr, *tmp;
for (addr = config->addr6; addr; addr = tmp)
{
tmp = addr->next;
free(addr);
}
}
#endif
That *seems* Ok at first look, right? I do like the while() loop above
it better :)
I do see a potential issue when IPv6 addresses are added to this list,
but I think it would just cause a memory leak, search for CONFIG_ADDR6
in that file. Guess I'll have to send that to the list, I can't unsee it
now.
You might just need to step through that code to see what 'addr'
actually is.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2026757
Title:
dnsmasq on Ubuntu Jammy crashes on neutron-dhcp-agent updates
To manage notifications about this bug go to:
https://bugs.launchpad.net/ironic/+bug/2026757/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2037717] Re: [OVN] ``PortBindingChassisEvent`` event is not executing the conditions check
** Also affects: neutron (Ubuntu) Importance: Undecided Status: New ** Also affects: neutron (Ubuntu Jammy) Importance: Undecided Status: New ** Also affects: neutron (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: neutron (Ubuntu Jammy) Status: New => Fix Released ** Also affects: cloud-archive Importance: Undecided Status: New ** Also affects: cloud-archive/ussuri Importance: Undecided Status: New ** Also affects: cloud-archive/victoria Importance: Undecided Status: New ** Also affects: cloud-archive/wallaby Importance: Undecided Status: New ** Changed in: cloud-archive/wallaby Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2037717 Title: [OVN] ``PortBindingChassisEvent`` event is not executing the conditions check To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2037717/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051935] Re: [OVN] SNAT only happens for subnets directly connected to a router
Just adding issue Rodolfo raised with the OVN team at Red Hat: https://issues.redhat.com/browse/FDP-448 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051935 Title: [OVN] SNAT only happens for subnets directly connected to a router To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/2051935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2026757] Re: dnsmasq on Ubuntu Jammy crashes on neutron-dhcp-agent updates
Can you paste the change you're using that seems to help? Maybe getting some eyes on it might help point in a direction? Not that I have lots of extra cycles. And I didn't expect the change I made to help, that failure probably never happens, and if you're just dealing with IPv4 it won't come into play. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2026757 Title: dnsmasq on Ubuntu Jammy crashes on neutron-dhcp-agent updates To manage notifications about this bug go to: https://bugs.launchpad.net/ironic/+bug/2026757/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2008943] Re: OVN DB Sync utility cannot find NB DB Port Group
I have tested neutron version 2:16.4.2-0ubuntu6.4~cloud0 from the cloud- archive:ussuri-proposed repository and can verify the code has this change, and the failure does not occur. I followed the steps from the bug description: Quick way to reproduce on ML2/OVN: - openstack project create test_project - openstack create network --project test_project test_network - openstack port delete $(openstack port list --network test_network -c ID -f value) # since this is an empty network only the metadata port should get listed and subsequently deleted - openstack security group delete test_project So now that you have a network without a metadata port in it and no default security group for the project/tenant that this network belongs to run neutron-ovn-db-sync-util --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --ovn- neutron_sync_mode migrate ** Tags removed: verification-ussuri-needed ** Tags added: verification-ussuri-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2008943 Title: OVN DB Sync utility cannot find NB DB Port Group To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2008943/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2032770] Re: [SRU] [OVN] port creation with --enable-uplink-status-propagation does not work with OVN mechanism driver
I have tested neutron version 2:16.4.2-0ubuntu6.4~cloud0 from the cloud- archive:ussuri-proposed repository and can verify the code has this change, and the failure does not occur. I followed the steps from the bug description: openstack port create --network --binding-profile trusted=true --enable-uplink-status-propagation --vnic-type direct aaa - It did not fail with "BadRequestException: 400: Client Error for url: https://mycloud.example.com:9696/v2.0/ports, Unrecognized attribute(s) 'propagate_uplink_status'" as previously ** Tags removed: verification-ussuri-needed ** Tags added: verification-ussuri-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2032770 Title: [SRU] [OVN] port creation with --enable-uplink-status-propagation does not work with OVN mechanism driver To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2032770/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2030773] Re: OVN DB Sync always logs warning messages about updating all router ports
I have tested neutron version 2:16.4.2-0ubuntu6.4~cloud0 from the cloud- archive:ussuri-proposed repository and can verify the code has this change, and the failure does not occur. I followed the steps from the bug description: neutron-ovn-db-sync-util --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --ovn- neutron_sync_mode log Running that multiple times did not produce out for out of sync ports as is used to. ** Tags removed: verification-ussuri-needed ** Tags added: verification-ussuri-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2030773 Title: OVN DB Sync always logs warning messages about updating all router ports To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2030773/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1955578] Re: OVN transaction could not be completed due to a race condition
I have tested neutron version 2:16.4.2-0ubuntu6.4~cloud0 from the cloud- archive:ussuri-proposed repository and can verify the code has this change, and the failure does not occur. I followed the steps from Comment #3: openstack network create test_ap1_net openstack network create test_ap2_net openstack network create test_wan_net openstack subnet create test_ap1_subnet --subnet-range 192.168.210.0/24 --gateway 192.168.210.254 --network test_ap1_net openstack subnet create test_ap2_subnet --subnet-range 192.168.220.0/24 --gateway 192.168.220.254 --network test_ap2_net openstack router create test_ap1_rt openstack router create test_ap2_rt # Don't know how to wait for router HA being active so... sleep 5 :) sleep 5 openstack port create test_ap1_internal_port --network test_ap1_net openstack port create test_ap2_internal_port --network test_ap2_net openstack port create test_ap1_wan_port --network nova openstack port create test_ap2_wan_port --network nova # Here the error can happen openstack router add port test_ap1_rt test_ap1_wan_port I did not see any tracebacks in neutron-server.log regarding the OVN revision number for the port. ** Tags removed: verification-ussuri-needed ** Tags added: verification-ussuri-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1955578 Title: OVN transaction could not be completed due to a race condition To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1955578/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1961112] Re: [ovn] overlapping security group rules break neutron-ovn-db-sync-util
I have tested neutron version 2:16.4.2-0ubuntu6.4~cloud0 from the cloud- archive:ussuri-proposed repository and can verify the code has this change, and the failure does not occur. I followed the steps from the bug description: Created two security group rules, one for 10.0.0.1/8 and the other for 10.0.0.0/8, so SG rule list was similar to this: $ openstack security group rule list overlap-sgr +--+-+---+++---+---+--+ | ID | IP Protocol | Ethertype | IP Range | Port Range | Direction | Remote Security Group | Remote Address Group | +--+-+---+++---+---+--+ | 3c41fa80-1d23-49c9-9ec1-adf581e07e24 | tcp | IPv4 | 10.0.0.1/8 | | ingress | None | None | | 639d263e-6873-47cb-b2c4-17fc824252db | None | IPv4 | 0.0.0.0/0 | | egress | None | None | | 96e99039-cbc0-48fe-98fe-ef28d41b9d9b | tcp | IPv4 | 10.0.0.0/8 | | ingress | None | None | | bf9160a3-fc9b-467e-85d5-c889811fd6ca | None | IPv6 | ::/0 | | egress | None | None | +--+-+---+++---+---+--+ Then ran the ovn DB sync utility: neutron-ovn-db-sync-util --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --ovn- neutron_sync_mode repair It completed successfully without the exception as noted in the bug description. ** Tags removed: verification-ussuri-needed ** Tags added: verification-ussuri-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1961112 Title: [ovn] overlapping security group rules break neutron-ovn-db-sync-util To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1961112/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051935] Re: [OVN] SNAT only happens for subnets directly connected to a router
I just tested Ihar's patch using 0.0.0.0/0 for snat, along with Ales' OVN change and various seemed to work - fixed to fixed, fip to fip and others. The only thing I couldn't do is associated a floating IP to a VM on a nested network: $ openstack floating ip set --port e9bca1a2-4672-482a-a3e6-a01dc4671a83 63711dab-40a3-4da3-b4d2-b48c9889b472 ResourceNotFound: 404: Client Error for url: http://172.16.0.158:9696/networking/v2.0/floatingips/63711dab-40a3-4da3-b4d2-b48c9889b472, External network 53133eed-dd5a-4f64-9187-92cfaf609489 is not reachable from subnet 35b38c51-6225-401d-982a-0f51a2c327b3. Therefore, cannot associate Port e9bca1a2-4672-482a-a3e6-a01dc4671a83 with a Floating IP. I think we already have a bug open for that, I think the API is looking at the router's interfaces and barfing, should be more forgiving. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051935 Title: [OVN] SNAT only happens for subnets directly connected to a router To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/2051935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2017748] Re: [SRU] OVN: ovnmeta namespaces missing during scalability test causing DHCP issues
** Changed in: cloud-archive/dalmation Status: New => Fix Released ** Changed in: cloud-archive/caracal Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2017748 Title: [SRU] OVN: ovnmeta namespaces missing during scalability test causing DHCP issues To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2017748/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2088620] Re: Deprecated usage of cpu_util
** Also affects: cloud-archive Importance: Undecided Status: New ** Also affects: cloud-archive/zed Importance: Undecided Status: New ** Also affects: cloud-archive/antelope Importance: Undecided Status: New ** Also affects: cloud-archive/yoga Importance: Undecided Status: New ** Also affects: cloud-archive/bobcat Importance: Undecided Status: New ** Also affects: cloud-archive/dalmation Importance: Undecided Status: New ** Also affects: cloud-archive/caracal Importance: Undecided Status: New ** Also affects: cloud-archive/epoxy Importance: Undecided Status: New ** Changed in: cloud-archive/epoxy Status: New => Fix Released ** Changed in: cloud-archive/dalmation Status: New => Fix Released ** Changed in: cloud-archive/caracal Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2088620 Title: [SRU] Deprecated usage of cpu_util To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2088620/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2088620] Re: [SRU] Deprecated usage of cpu_util
** Summary changed: - Deprecated usage of cpu_util + [SRU] Deprecated usage of cpu_util -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2088620 Title: [SRU] Deprecated usage of cpu_util To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2088620/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2088620] Re: [SRU] Deprecated usage of cpu_util
** Tags added: sts -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2088620 Title: [SRU] Deprecated usage of cpu_util To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2088620/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058138] Re: Neutron OVSHybridIptablesFirewallDriver and IptablesFirewallDriver don't enforce Remote address groups
** Also affects: cloud-archive Importance: Undecided Status: New ** Also affects: neutron (Ubuntu) Importance: Undecided Status: New ** Also affects: neutron (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: neutron (Ubuntu Jammy) Importance: Undecided Status: New ** Also affects: neutron (Ubuntu Noble) Importance: Undecided Status: New ** Changed in: neutron (Ubuntu Noble) Status: New => Fix Released ** Changed in: neutron (Ubuntu) Assignee: (unassigned) => Brian Haley (brian-haley) ** Also affects: neutron/yoga Importance: Undecided Status: New ** No longer affects: neutron/yoga ** Also affects: cloud-archive/bobcat Importance: Undecided Status: New ** Also affects: cloud-archive/antelope Importance: Undecided Status: New ** Also affects: cloud-archive/caracal Importance: Undecided Status: New ** Also affects: cloud-archive/yoga Importance: Undecided Status: New ** Also affects: cloud-archive/zed Importance: Undecided Status: New ** Changed in: cloud-archive/caracal Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058138 Title: Neutron OVSHybridIptablesFirewallDriver and IptablesFirewallDriver don't enforce Remote address groups To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2058138/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058138] Re: Neutron OVSHybridIptablesFirewallDriver and IptablesFirewallDriver don't enforce Remote address groups
Still working on jammy-yoga debdiff for UCA ** Patch added: "Debdiff for Jammy" https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/2058138/+attachment/5875478/+files/jammy.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058138 Title: Neutron OVSHybridIptablesFirewallDriver and IptablesFirewallDriver don't enforce Remote address groups To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2058138/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058138] Re: Neutron OVSHybridIptablesFirewallDriver and IptablesFirewallDriver don't enforce Remote address groups
** Description changed: + [Impact] + + Security Group rules using a remote address group are now supported on older + versions of Neutron, back to Yoga. + + [Test Case] + + Assuming neutron is configured to use the iptables firewall driver, you should + now be able to add a security group rule specifying a --remote-address-group + parameter where previously it would fail. + + [Where problems could occur] + + Problem would occur when adding a security group rule with --remote- + address-group paremeter. + + [Others] + + == ORIGINAL DESCRIPTION == + High level description - The Neutron API allows operators to configure remote address groups [1], however the OVSHybridIptablesFirewallDriver and IptablesFirewallDriver do not implement these remote group restrictions. When configuring security group rules with remote address groups, connections get enabled based on other rule parameters, ignoring the configured remote address group restrictions. This behaviour undocumented, and may lead to more-open-than-configured network access. Background - Remote address groups enable specifying rules that target many CIDRs efficiently. In line with the remote security group support, this should be implemented through the use of hashed ipsets in case of the IptablesFirewallDriver. Pre-conditions - * Using OVSHybridIptablesFirewallDriver or IptablesFirewallDriver * Configured remote Address Groups. Version - All OpenStack versions with remote address group support are impacted. We noticed it on 2024.1. [1] https://docs.openstack.org/python- openstackclient/latest/cli/command-objects/address-group.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058138 Title: Neutron OVSHybridIptablesFirewallDriver and IptablesFirewallDriver don't enforce Remote address groups To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2058138/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058138] Re: Neutron OVSHybridIptablesFirewallDriver and IptablesFirewallDriver don't enforce Remote address groups
** Patch added: "jammy-yoga.debdiff" https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/2058138/+attachment/5875479/+files/jammy-yoga.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058138 Title: Neutron OVSHybridIptablesFirewallDriver and IptablesFirewallDriver don't enforce Remote address groups To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2058138/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058138] Re: [SRU] Neutron OVSHybridIptablesFirewallDriver and IptablesFirewallDriver don't enforce Remote address groups
** Summary changed: - Neutron OVSHybridIptablesFirewallDriver and IptablesFirewallDriver don't enforce Remote address groups + [SRU] Neutron OVSHybridIptablesFirewallDriver and IptablesFirewallDriver don't enforce Remote address groups -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058138 Title: [SRU] Neutron OVSHybridIptablesFirewallDriver and IptablesFirewallDriver don't enforce Remote address groups To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2058138/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2017748] Re: [SRU] OVN: ovnmeta namespaces missing during scalability test causing DHCP issues
I agree with Ed's assessment and think we should just go forward with the jammy/yoga change. It is also much smaller in scope and simply addresses the bug in question by making sure we don't accidentally merge two notifications into one, causing issues with the port binding. Please refer to that debdiff or the Yoga change [0] for more information. [0] https://review.opendev.org/c/openstack/neutron/+/926656 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2017748 Title: [SRU] OVN: ovnmeta namespaces missing during scalability test causing DHCP issues To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2017748/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2090992] Re: [SRU] alembic database migrations missing from package
So looking at the tags on this bug: verification-needed-noble verification-caracal-done verification-needed It shows that verification is not complete, and i think the caracal tag is wrong, should be verification-done-caracal even though the message above says differently. Also, the noble tag is still there. If you tested on noble you can flip that tag as well, then i think things will automatically progress. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2090992 Title: [SRU] alembic database migrations missing from package To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/2090992/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2115795] Re: UDP fragmented packets not passing through in DPDK when destination port is defined
Just to add a note, when we do something like the following, things seem to work: ovs-ofctl -O OpenFlow13 add-flow br-int "table=0,priority=101,ip,ct_state=-trk,actions=ct(table=0)" ovs-ofctl -O OpenFlow13 add-flow br-int "table=44,priority=2003,ip,ct_nw_proto=17,ct_tp_dst=5060,ct_state=+new+trk,actions=ct(commit),normal,resubmit(,45)" The first command in essence matches IP packets that have not yet been tracked by conntrack, and adds various attributes around the connection tracker. The second command then matches the connection tracker destination port that is UDP (ct_nw_proto=17) as required. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2115795 Title: UDP fragmented packets not passing through in DPDK when destination port is defined To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ovn/+bug/2115795/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
