Reviewed: https://review.opendev.org/708852 Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=3d3b61f8792277b303e10bce51512d9a73ef187e Submitter: Zuul Branch: master
commit 3d3b61f8792277b303e10bce51512d9a73ef187e Author: Maciej Józefczyk <mjoze...@redhat.com> Date: Thu Feb 20 11:27:13 2020 +0000 Revert "[OVN] Set 'unknown' address properly when port sec is disabled" We can now revert this patch, because main cause has been already fixed in Core OVN [1]. With this fix the ARP responder flows are not installed on LS pipeline, when LSP has port security disabled, and an 'unknown' address is set in addresses column. This makes MAC spoofing possible. [1] https://patchwork.ozlabs.org/patch/1258152/ This reverts commit 03b87ad963d5d8165a92e5c7c284c1517333dd00. Change-Id: Ie4c87d325b671348e133d62818d99af147d50ca2 Closes-Bug: #1864027 ** Changed in: neutron Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1864027 Title: [OVN] DHCP doesn't work while instance has disabled port security Status in neutron: Fix Released Bug description: While instance has disabled port security its not able to reach DHCP service. Looks like the change [1] introduced this regression. Port has [unknown] address set: +-----------------------+--------------------------------------------------------------------------------------------------------+ root@mjozefcz-ovn-train-lb:~# ovn-nbctl list logical_switch_port a09a1ac7-62ad-46ad-b802-c4abf65dcf70 _uuid : 32a741bc-a185-4291-8b36-dc9c387bb662 addresses : [unknown] dhcpv4_options : 7c94ec89-3144-4920-b624-193d968c637a dhcpv6_options : [] dynamic_addresses : [] enabled : true external_ids : {"neutron:cidrs"="10.2.1.134/24", "neutron:device_id"="9f4a705f-b438-4da1-975d-1a0cdf81e124", "neutron:device_owner"="compute:nova", "neutron:network_name"=neutron-cd1ee69d-06b6-4502-ba26-e1280fd66ad9, "neutron:port_fip"="172.24.4.132", "neutron:port_name"="", "neutron:project_id"="98b165bfeeca4efd84724f3118d84f6f", "neutron:revision_number"="4", "neutron:security_group_ids"=""} ha_chassis_group : [] name : "a09a1ac7-62ad-46ad-b802-c4abf65dcf70" options : {requested-chassis=mjozefcz-ovn-train-lb} parent_name : [] port_security : [] tag : [] tag_request : [] type : "" up : true ovn-controller doesn't respond for DHCP requests. It was caught by failing OVN Provider driver tempest test: octavia_tempest_plugin.tests.scenario.v2.test_traffic_ops.TrafficOperationsScenarioTest [1] https://review.opendev.org/#/c/702249/ To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1864027/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp