*** This bug is a duplicate of bug 1318104 ***
https://bugs.launchpad.net/bugs/1318104
** This bug has been marked a duplicate of bug 1318104
dhcp isolation via iptables does not work
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1415592
Title:
Instance DHCP Request are Sometimes Answered by Remote Dnsmasq
Status in OpenStack Compute (nova):
Confirmed
Bug description:
When an instance sends out a DHCPDISCOVER or DHCPREQUEST, it sometimes
leaves the compute node and gets answered by Dnsmasq running on
another compute node. The remote Dnsmasq will always respond with
"DHCPNAK no address available" (to DHCPDISCOVER) or "DHCPNAK address
not available" (to DHCPREQUEST), because it doesn't have an entry for
that instance in its config file.
Syslog:
Jan 28 15:31:04 xxxxx dnsmasq-dhcp[10454]: DHCPREQUEST(brxxx) 192.168.0.x
12:34:56:78:90:ab
Jan 28 15:31:04 xxxxx dnsmasq-dhcp[10454]: DHCPNAK(brxxx) 192.168.0.x
12:34:56:78:90:ab address not available
Expected Behaviour:
According to blueprint (https://review.openstack.org/#/c/16578/), when
share_dhcp_address is set to true, the dhcp messages should be firewalled using
iptables and ebtables
Environment:
- Icehouse 2014.1.3
- Ubuntu 14.04
- Multihost mode
- Multiple compute nodes
- nova-network Vlan-Manager
- dnsmasq version 2.68
- nova-compute and nova-network run on the same node (other services run on
other nodes)
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1415592/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
