Open Stack

Hi Ihar,

Although this patch changes the behavior of floating IP, I believe the
previous behavior
is a bug as discussed in OSSN-0020 [1]. If a project admin
disassociates a floating IP,
the project admin expects connections related to the floating IP are
not able to be reachable
any more in most cases. OSSN-0020 suggests to terminate all
connections to an instance
associated with the floating IP but it is not easy to do so. The new
behavior is desirable and
the expected behavior when designed. In addition, it is the behavior
of nova-network.
IMO this kind of bug behaviors can be fixed in the stable release to
make the Neutron behavior less confusing.

I hope this FFE is granted but I can't say any more.

[1] https://wiki.openstack.org/wiki/OSSN/OSSN-0020

Thanks,
Akihiro

On Mon, Sep 29, 2014 at 6:33 PM, Ihar Hrachyshka <ihrachys at redhat.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Hi Akihiro,
>
> I'm a bit concerned that this patch introduces user-visible change in
> behaviour. Though we may claim that dropping active connections right
> after floating-ip is unuassigned is the right thing to do, users of
> stable branches may think otherwise.
>
> That said, formally there is nothing in wiki [1] that forbids changes
> in behaviour.
>
> So I'm kinda agnostic about the request.
>
> [1]: https://wiki.openstack.org/wiki/StableBranch#Appropriate_Fixes
>
> /Ihar
>
> On 29/09/14 08:41, Akihiro Motoki wrote:
>> Hi,
>>
>> I would like to request a FFE for a neutron patch [0]
>>
>> It is a security bug fix [1] and the corresponding OSSN was issued
>> two weeks ago. The patch in the master landed a few days ago. I
>> believe it is a nice fix in the next stable update.
>>
>> As far as I checked it satiifes the criteria of a stable backport
>> and it looks good to go.
>>
>> [0] https://review.openstack.org/#/c/124375/ [1]
>> https://bugs.launchpad.net/neutron/+bug/1334926
>>
>> Thanks, Akihiro _______________________________________________
>> Openstack-stable-maint mailing list
>> Openstack-stable-maint at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint
>>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
>
> iQEcBAEBCgAGBQJUKSdQAAoJEC5aWaUY1u57nggH/jE2CI0M93LgwiswqQIIEDwe
> LW9AptPz9fdWguXERWmGm5yeUiCEfjAfiwU4eG89aFc/muW7vFIZX/cSeeG4YasQ
> ZSeotHGSotn9JUp7oT0+HyXMHpcw3YnoLjZwOmlZAUqE0ag5Dn+idpVPE1yQMUDA
> aVrFjMaItRA6N+JY9Mbrt6KTbsjIW86oOdzOQ37DOrj3+Qu0LidBJSLwByu6sFzI
> aCS8cAFyROUmz7kGxES4coBoB0rUt4+fkPS6wvTtrVKrO9lMTBKZm6UzF4AgcC7K
> bNrpDbhj4GDnj3/pEcFU105Lvbio/XsuixIAP8Rb93vGl0TmrXzccRysiLd6Wbg=
> =xPXQ
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Openstack-stable-maint mailing list
> Openstack-stable-maint at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-stable-maint



-- 
Akihiro Motoki <amotoki at gmail.com>