Hello neutrinos, last week we started a new bug deputy rotation, opening this round here are the bugs reported in week 11. This was relatively quiet (for new bugs count), and most bugs have active discussion or suggested fix Critical * [security] Add allowed-address-pair 0.0.0.0/0 to one port will open all others' protocol under same security group - https://bugs.launchpad.net/neutron/+bug/1867119 A follow-up to security bug https://bugs.launchpad.net/neutron/+bug/1793029 (which was fixed in documentation) Potential code fix at https://review.opendev.org/712632 - reviews and opinions most welcome Medium * Restart neutron-linuxbridge-agent service led to all ports status changed - https://bugs.launchpad.net/neutron/+bug/1866743 Reported on Pike/Queens, pretty standard configuration, may be l2pop Related gerrit question: https://review.opendev.org/713156 * MTU too large error presented on create but not update - https://bugs.launchpad.net/neutron/+bug/1867214 Suggested fix: https://review.opendev.org/712801 Low * Packets incorrectly marked as martian - https://bugs.launchpad.net/neutron/+bug/1866615 Martian packets logged with some specific setup, VMs are working fine though, switching to ovs firewall workarounds the issue * Deployment has security group with empty tenant id - https://bugs.launchpad.net/neutron/+bug/1867101 Some master devstacks deployments like networking-odl get empty project ID for default security group * Unnecessary network flapping while update floatingip without port or fixed ip changed - https://bugs.launchpad.net/neutron/+bug/1867122 OVN mech driver only, some discussion about relevant use-case for FIP update in LP and patch https://review.opendev.org/712641 Incomplete * router-update for internal networking not correct when restarting ovs-agent - https://bugs.launchpad.net/neutron/+bug/1866635 Missing flows on restart, I asked for more logs - may be missing tunnel during restart Update from previous week * br-int bridge in one compute can't learn MAC addresses of VMs in other compute nodes - https://bugs.launchpad.net/neutron/+bug/1866445 Was closed as duplicate of bug #1732067 but they do not use OVS firewall Patch for iptables_hybrid proposed: https://review.opendev.org/712640 Last bug I triaged is 1867214, handing over the deputy baton to slaweq -- Bernard Cafarelli