Public bug reported:
neutron-linuxbridge-agent fails and gets stuck when cleaning up ARP
protection rules:
neutron-linuxbridge-agent[3049824]: Exit code: 4; Cmd: ['ebtables',
'-t', 'nat', '--concurrent', '-D', 'neutronMAC-tap50f1af99-28', '-i',
'tap50f1af99-28', '--among-src', 'fa:16:3e:ba:10:2a', '-j', 'RETURN'];
Stdin: ; Stdout: ; Stderr: ebtables v1.8.7 (nf_tables): RULE_DELETE
failed (Invalid argument): rule in chain neutronMAC-tap50f1af99-28
Afterward, it stops responding to RPC messages and nova-compute times
out waiting for vif-plugged events.
Version:
* OpenStack Zed from Ubuntu cloud archive
* Ubuntu 22.04 LTS
* 5.15.0-91-generic #101-Ubuntu
* Deployed via Ubuntu cloud archive packages
Context:
The document
https://github.com/openstack/neutron/blob/stable/zed/doc/source/admin/deploy-
lb.rst mentions some resolved issues with ebtables based on nftables,
and the scenarios from the linked bug reports do work. The issue here
appears to only happens when removing ARP spoofing rules. We have a few
compute hosts with a high churn, many instances created and deleted. On
these, neutron-linuxbridge-agent works visibly fine until it becomes too
stuck.
** Affects: neutron
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2049546
Title:
neutron-linuxbridge-agent ebtables RULE_DELETE failed (Invalid
argument)
Status in neutron:
New
Bug description:
neutron-linuxbridge-agent fails and gets stuck when cleaning up ARP
protection rules:
neutron-linuxbridge-agent[3049824]: Exit code: 4; Cmd:
['ebtables', '-t', 'nat', '--concurrent', '-D', 'neutronMAC-
tap50f1af99-28', '-i', 'tap50f1af99-28', '--among-src',
'fa:16:3e:ba:10:2a', '-j', 'RETURN']; Stdin: ; Stdout: ; Stderr:
ebtables v1.8.7 (nf_tables): RULE_DELETE failed (Invalid argument):
rule in chain neutronMAC-tap50f1af99-28
Afterward, it stops responding to RPC messages and nova-compute times
out waiting for vif-plugged events.
Version:
* OpenStack Zed from Ubuntu cloud archive
* Ubuntu 22.04 LTS
* 5.15.0-91-generic #101-Ubuntu
* Deployed via Ubuntu cloud archive packages
Context:
The document
https://github.com/openstack/neutron/blob/stable/zed/doc/source/admin/deploy-
lb.rst mentions some resolved issues with ebtables based on nftables,
and the scenarios from the linked bug reports do work. The issue here
appears to only happens when removing ARP spoofing rules. We have a
few compute hosts with a high churn, many instances created and
deleted. On these, neutron-linuxbridge-agent works visibly fine until
it becomes too stuck.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2049546/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
