Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 2008155

Summary: "process_floating_ip_nat_rules_for_centralized_floatingip" should check if self.snat_iptables_manager was initialized
Product: Red Hat OpenStack Reporter: Rodolfo Alonso <ralonsoh>
Component: openstack-neutronAssignee: Rodolfo Alonso <ralonsoh>
Status: CLOSED INSUFFICIENT_DATA QA Contact: Eran Kuris <ekuris>
Severity: unspecified Docs Contact:
Priority: medium    
Version: 13.0 (Queens)CC: ccamposr, chrisw, jveiraca, scohen
Target Milestone: ---Keywords: ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-10-11 13:48:24 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rodolfo Alonso 2021-09-27 12:52:27 UTC 
Description of problem:
L3 agent configuration: agent_mode=dvr_snat.
The L3 agent is located in a controller node, acting as a DVR edge router.

When "process_floating_ip_nat_rules_for_centralized_floatingip" is called, this method should check first if "self.snat_iptables_manager" has been initialized. The method "process_floating_ip_nat_rules_for_centralized_floatingip" is called from:
  <-- DvrEdgeRouter.process_floating_ip_nat_rules
  <-- RouterInfo.process_snat_dnat_for_fip
  <-- RouterInfo.process_external
  
The method "RouterInfo.process_external" will first call "RouterInfo._process_external_gateway" --> "DvrEdgeRouter.external_gateway_added" --> "DvrEdgeRouter._create_dvr_gateway". This last method initializes the SNAT iptables manager [1] (this code has been around unchanged six years).

However "DvrEdgeRouter.external_gateway_added" is only called if "ex_gw_port" exists. That means if the GW port does not exist, the SNAT iptables manager is None. 


[1]https://github.com/openstack/neutron/blob/1d450dbddc8c3d34948ab3d9a8346dd491d9cc7c/neutron/agent/l3/dvr_edge_router.py#L196-L198

Version-Release number of selected component (if applicable):
OSP-13.



How reproducible:



Steps to Reproduce:
(I'm not 100% sure, I still need to check) Create a FIP in a SNAT DVR router without GW port.



Actual results:


Expected results:


Additional info: