Router gets address allocation from all new gw subnets
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
High
|
Andrew Boik | ||
Kilo |
New
|
Undecided
|
Unassigned |
Bug Description
When a new subnet is created on an external network, all existing routers with gateways on the network will get a new address allocated from it. This could be pretty bad for IPv4 networks where the addresses are scarce and therefore valuable. In some cases, the entire new subnet could be consumed by router gateway ports alone.
Adding an IP address replaces the default route on a Neutron router. In Kilo, Neutron now automatically allocates an IP address for the WAN interface on Neutron routers when a subnet on the external network is created. Previously, there was a check to allow a maximum of one IP address on a Neutron router gateway port. This check, however, was removed, and this patch replaces that check and allows one IPv6 address in addition to the IPv4 address to support dual-stack.
The combination of the automatic update of a router gateway port upon creation of a subnet and the absence of a check on the number of fixed IPs causes a change in behavior to that of Neutron in the Juno release.
An issue is that creation of a subnet with a gateway IP on the external network replaces all default routes of Neutron routers on that network. This is not the behavior operators expect based on previous releases, and is most likely not the behavior they want - and as a result it could cause loss of external connectivity to tenants based on the network configuration.
We need to validate a router's gateway port during creation and update of a router gateway port by ensuring it has no more than one v4 fixed IP and one v6 fixed IP.
Changed in neutron: | |
assignee: | nobody → Andrew Boik (drewboik) |
status: | New → In Progress |
Changed in neutron: | |
importance: | Undecided → Medium |
tags: | added: kilo-backport-potential kilo-rc-potential |
description: | updated |
description: | updated |
tags: | removed: kilo-backport-potential |
Changed in neutron: | |
milestone: | none → liberty-1 |
tags: | added: kilo-backport-potential |
summary: |
- Validate number of addresses for router GW port + Router gw gets address allocation from all new subnets |
summary: |
- Router gw gets address allocation from all new subnets + Router gets address allocation from all new gw subnets |
description: | updated |
tags: | added: l3-ipam-dhcp |
tags: | removed: kilo-rc-potential |
Changed in neutron: | |
status: | Fix Committed → Fix Released |
Changed in neutron: | |
milestone: | liberty-1 → 7.0.0 |
https:/ /review. openstack. org/#/c/ 167784/