When compute service is present on same node as dnsmasq, dhcpoffer does not reaches the server instance booted on that node. Reproduced with VLANManager, though it could/should be affecting also FlatDHCP. Issue here is, that packets don't get checksum filled (as they don't leave via network interface), this does not happens with software emulation as that one handles checksum, so only happens on kvm with nested virtualization or on real hw. > openstack-nova-api.noarch 2013.2.3-7.el6ost > openstack-nova-compute.noarch 2013.2.3-7.el6ost > openstack-nova-network.noarch 2013.2.3-7.el6ost > python-nova.noarch 2013.2.3-7.el6ost > python-novaclient.noarch 1:2.15.0-4.el6ost It should be possible to reproduce it with just one node deployment, probably with packstack --allinone style setup (+novanetwork). - boot some image (for ex. cirros) - check the instance log that it didn't got dhcp replies and is retrying - - if this does not works, use with vlanmanager setup instead (no need to have it really routed to the network - it's local AIO issue anyway) - have tcpdump listening on the ifc for that server instance (check it's libvirt xml file) - - wrap that tcpdump in some bash loop or so, as that ifc will disappear for a short moment - - like: for x in $(seq 5); do tcpdump -lenx -nn -i vnet1 -s 1500 port bootps or port bootpc; sleep 0.2; done - hard reboot instance - see that dhcp request goes out and dhcp offer in - but still in vm dhcp client is waiting for the reply (opt. you can also tcpdump inside etc) Workaround is to deploy iptable rule to enforce filling of checksum like: > iptables -tmangle -A POSTROUTING -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill fix already contained in icehouse branch is to do it per corresponding interface. As this was already fixed in icehouse branch, there is proposed backport at https://review.openstack.org/#/c/96732/ .
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2014-1084.html