[neutron] Bug deputy report (week starting on 2020-03-09)

Bernard Cafarelli bcafarel at redhat.com
Mon Mar 16 09:37:26 UTC 2020


Hello neutrinos,

last week we started a new bug deputy rotation, opening this round here are
the bugs reported in week 11.

This was relatively quiet (for new bugs count), and most bugs have active
discussion or suggested fix

Critical
* [security] Add allowed-address-pair 0.0.0.0/0 to one port will open all
others' protocol under same security group -
https://bugs.launchpad.net/neutron/+bug/1867119
  A follow-up to security bug
https://bugs.launchpad.net/neutron/+bug/1793029 (which was fixed in
documentation)
  Potential code fix at https://review.opendev.org/712632 - reviews and
opinions most welcome

Medium
* Restart neutron-linuxbridge-agent service led to all ports status changed
- https://bugs.launchpad.net/neutron/+bug/1866743
  Reported on Pike/Queens, pretty standard configuration, may be l2pop
  Related gerrit question: https://review.opendev.org/713156
* MTU too large error presented on create but not update -
https://bugs.launchpad.net/neutron/+bug/1867214
  Suggested fix: https://review.opendev.org/712801

Low
* Packets incorrectly marked as martian -
https://bugs.launchpad.net/neutron/+bug/1866615
  Martian packets logged with some specific setup, VMs are working fine
though, switching to ovs firewall workarounds the issue
* Deployment has security group with empty tenant id -
https://bugs.launchpad.net/neutron/+bug/1867101
  Some master devstacks deployments like networking-odl get empty project
ID for default security group
* Unnecessary network flapping while update floatingip without port or
fixed ip changed - https://bugs.launchpad.net/neutron/+bug/1867122
  OVN mech driver only, some discussion about relevant use-case for FIP
update in LP and patch https://review.opendev.org/712641

Incomplete
* router-update for internal networking not correct when restarting
ovs-agent - https://bugs.launchpad.net/neutron/+bug/1866635
  Missing flows on restart, I asked for more logs - may be missing tunnel
during restart

Update from previous week
* br-int bridge in one compute can't learn MAC addresses of VMs in other
compute nodes - https://bugs.launchpad.net/neutron/+bug/1866445
  Was closed as duplicate of bug #1732067 but they do not use OVS firewall
  Patch for iptables_hybrid proposed: https://review.opendev.org/712640

Last bug I triaged is 1867214, handing over the deputy baton to slaweq

-- 
Bernard Cafarelli
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20200316/e31d9aaa/attachment-0001.html>


More information about the openstack-discuss mailing list