Bug 2110726

Summary: rndc uses internal api source address to talk to bind, requiring asymmetric routing
Product: Red Hat OpenStack Reporter: Brent Eagles <beagles>
Component: tripleo-ansibleAssignee: Brent Eagles <beagles>
Status: CLOSED DUPLICATE QA Contact: Joe H. Rahme <jhakimra>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 17.0 (Wallaby)CC: njohnston
Target Milestone: AlphaKeywords: Triaged
Target Release: 17.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-07-26 15:55:45 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Brent Eagles 2022-07-25 18:36:30 UTC 
rndc is executed by designate worker to send commands to bind. designate worker is hosted on the internal API network but deployed bind is hosted on the public API network. Due to the asymmetric routing and strict reverse path filtering, this results in rndc calls hanging when a worker tries to execute a command on a bind on another node.

This is 100% reproducible with multi-controller deployments.
Comment 5 Brent Eagles 2022-07-26 15:55:45 UTC 
Closing as a duplicate of https://bugzilla.redhat.com/show_bug.cgi?id=2073026. While slightly different, they are the same functional issue (networking issues between rndc and bind instances)

*** This bug has been marked as a duplicate of bug 2073026 ***