[Openstack-operators] Neutron DHCP agent local routes

Neil Jerram Neil.Jerram at metaswitch.com
Fri Apr 22 11:16:38 UTC 2016 

On 22/04/16 12:03, Remco wrote:
> Hi Neil,
>
> Thanks.
> The ip route output is as following, i guess the 0.0.0.0 gateway is only
> listed by cloud-init:
>
> debian at instance:/$ ip route
> default via 192.168.10.1 dev eth0
> 192.168.10.0/24 <http://192.168.10.0/24> dev eth0  scope link
> 169.254.169.254 via 192.168.10.1 dev eth0
> 192.168.11.0/24 <http://192.168.11.0/24> dev eth0  scope link
> 192.168.12.0/24 <http://192.168.12.0/24> dev eth0  proto kernel  scope
> link  src 192.168.10.2
>
> (ip addresses are altered for security reasons).

Thanks for these clarifications.

> I'm not sure what creates these routes. I have two suspects: cloud-init
> and DHCP. As the same issue is observed on instances without cloud-init
> this rules out cloud-init.
> We see the same issue on both Windows and Linux instances.

OK, I think you're seeing the effect of this DHCP agent code, from 
neutron/agent/linux/dhcp.py:

                 host_routes.extend(["%s,0.0.0.0" % (s.cidr) for s in
                                     self.network.subnets
                                     if (s.ip_version == 4 and
                                         s.cidr != subnet.cidr)])

AFAICS there is no obvious knob for suppressing this logic.

The code was added in commit 6dce817c7c2, and the commit message says:

=============8<=================
Provide routes for neighbor IPv4 subnets

Network may contain several Subnets.  In this case all these subnets are
accessible via same link and two VMs with addresses from different
Subnets may talk to each other directly, bypassing default router.  For
this to work, "neighbour Subnets" should have entry in VM's routing
tables.  RFC3442 describes this situation:

    In some cases more than one IP subnet may be configured on a link.
    In such cases, a host whose IP address is in one IP subnet in the
    link could communicate directly with a host whose IP address is in a
    different IP subnet on the same link. In cases where a client is
    being assigned an IP address on an IP subnet on such a link, for each
    IP subnet in the link other than the IP subnet on which the client
    has been assigned the DHCP server MAY be configured to specify a
    router IP address of 0.0.0.0.

When network contains more that one IPv4 subnets, report these subnets
in 'classless-static-routes' DHCP option.

DocImpact

Change-Id: Ifcf1d99e0f0136bf52b8d13675b7ccfd48005fab
Closes-Bug: #1372885
=============8<=================

So I guess the next question is: in what way does your networking setup 
not conform to the assumptions in that commit message?

Regards,
	Neil

More information about the OpenStack-operators mailing list