neutron

  1. Bug #1901992
  2. Comment #7

Comment 7 for bug 1901992

Revision history for this message
Bence Romsics (bence-romsics) wrote : Re: Destination 0.0.0.0/0 static route cause snat unable to go external

In a DVR environment with an external gateway I was able to reproduce the part of the bug Liu wrote about in comment #4. Please see below:

$ openstack router create router2
$ router_id="$( openstack router show router2 -f value -c id )"

$ openstack network create net2
$ openstack subnet create --network net2 --use-default-subnet-pool subnet2
$ openstack router set --external-gateway public router2
$ openstack router add subnet router2 subnet2

# we have a default route to start with
$ sudo ip netns exec "snat-$router_id" ip route
default via 172.24.4.1 dev qg-9235492c-11 proto static
10.0.0.64/26 dev sg-7ef787ed-d0 proto kernel scope link src 10.0.0.80
172.24.4.0/24 dev qg-9235492c-11 proto kernel scope link src 172.24.4.40

$ openstack subnet show subnet2
+----------------------+--------------------------------------+
| Field | Value |
 +----------------------+--------------------------------------+
| allocation_pools | 10.0.0.66-10.0.0.126 |
| cidr | 10.0.0.64/26 |
| created_at | 2020-10-29T15:17:57Z |
| description | |
| dns_nameservers | |
| dns_publish_fixed_ip | None |
| enable_dhcp | True |
| gateway_ip | 10.0.0.65 |
| host_routes | |
| id | 7bfb1bc6-e5d9-4f57-a4f1-118cfbc2eb0b |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | subnet2 |
| network_id | e46a48c2-4458-48c6-ad21-bdf47a9638b5 |
| prefix_length | None |
| project_id | 928bf5e466e245039d17bd2f5c3139bd |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | 4d5019e3-fe19-4433-b491-bc40cb07fe04 |
| tags | |
| updated_at | 2020-10-29T15:17:57Z |
 +----------------------+--------------------------------------+

$ openstack router set router2 --no-route --route destination=0.0.0.0/0,gateway=10.0.0.70

# default route is overriden by /0 extraroute
$ sudo ip netns exec "snat-$router_id" ip route
default via 10.0.0.70 dev sg-7ef787ed-d0 proto static
10.0.0.64/26 dev sg-7ef787ed-d0 proto kernel scope link src 10.0.0.80
172.24.4.0/24 dev qg-9235492c-11 proto kernel scope link src 172.24.4.40

$ openstack router set router2 --no-route

# original default route is not recovered after deleting /0 extraroute
$ sudo ip netns exec "snat-$router_id" ip route
10.0.0.64/26 dev sg-7ef787ed-d0 proto kernel scope link src 10.0.0.80
172.24.4.0/24 dev qg-9235492c-11 proto kernel scope link src 172.24.4.40