subnet mapping broken with overlapping ips
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Group Based Policy |
Triaged
|
High
|
Robert Kukura |
Bug Description
This is reproducible when overlapping IPs are enabled in Neutron.
Whenever a new EPG is created, all the subnets previously assigned to all the other EPGs on that L3_Policy plus a new one are associated with it:
l2p_web
epg_web 172.16.0.0/26
l2p_client-1
epg_client-1 172.16.0.0/26
epg_client-1 172.16.0.64/26
l2p_client-2
epg_client-2 172.16.0.0/26
epg_client-2 172.16.0.64/26
epg_client-2 172.16.0.128/26
Looking at the current implementation, this happens because the subnet creation is not refused, and attaching the router interface to any associated subnet fails with a BadRequest exception (2 interfaces in overlapping subnets are not allowed).
This causes the implicit subnet loop to repeat itself again, until a brand new subnet is associated with the EPG (that's why the more EPGs are created the more subnets are associated with them).
Changed in group-based-policy: | |
importance: | Undecided → Critical |
importance: | Critical → High |
Changed in group-based-policy: | |
status: | New → Confirmed |
assignee: | nobody → Robert Kukura (rkukura) |
milestone: | none → juno-release |
Changed in group-based-policy: | |
milestone: | 2014.2rc2 → kilo-gbp-1 |
Changed in group-based-policy: | |
milestone: | kilo-gbp-2 → kilo-gbp-3 |
Changed in group-based-policy: | |
milestone: | kilo-gbp-3 → next |
Changed in group-based-policy: | |
status: | Confirmed → Triaged |
Fix proposed to branch: master /review. openstack. org/132319
Review: https:/