)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":9531,"name":"liuyulong","display_name":"LIU Yulong","email":"i@liuyulong.me","username":"LIU-Yulong"},"change_message_id":"b54f2232fdeb53bb8ab3140b896b0d7d7c40b53e","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"97c40b49_22e10b6c","updated":"2022-04-02 01:38:01.000000000","message":"For the part of blocking IPv6 traffic, IMO, it is an alternative fix, it can work, +1 for this.\n\n-1 for two reasons:\n1. Please do revert work and alternative fix in different patches.\n2. MLDv2 is just one case, in real running environments, any residual IPv4/IPv6 addresses will cause physical devices failed to find (ARP/NDP) the right destination, this happens when keepalived is dead. Large HA router resources in one same hosts may also encounter such kind of problem.\n\nSo for the link down fix, all cases can be covered. And I\u0027m going to add a config option here https://review.opendev.org/c/openstack/neutron/+/834260, if users do not want to set link down, set up then.\n\n\nThanks","commit_id":"acd084613a41f9d5fdc7d780d88187379ad002d1"},{"author":{"_account_id":32666,"name":"Damian Dąbrowski","email":"damian@dabrowski.cloud","username":"ddabrowski"},"change_message_id":"a5b709d75977d84891fa2795358ca48342a79a42","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"f259c103_8d992eac","updated":"2022-04-01 16:11:23.000000000","message":"Thanks a lot! \nI\u0027m going to test this patch next week","commit_id":"acd084613a41f9d5fdc7d780d88187379ad002d1"},{"author":{"_account_id":16688,"name":"Rodolfo Alonso","email":"ralonsoh@redhat.com","username":"rodolfo-alonso-hernandez"},"change_message_id":"046f5630d1d2af7aedfd16f72c266c38a9be137c","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"5792ded3_ffa9d518","updated":"2022-04-01 16:10:01.000000000","message":"This patch doesn\u0027t implement any testing.\n\nHowever you are welcome to review and comment the strategy adopted. Thanks!","commit_id":"acd084613a41f9d5fdc7d780d88187379ad002d1"},{"author":{"_account_id":11975,"name":"Slawek Kaplonski","email":"skaplons@redhat.com","username":"slaweq"},"change_message_id":"67e2265c2bd13fac1ac7f782626c2c65a55e2f25","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"98a8f8f5_62e68b60","updated":"2022-04-12 08:26:42.000000000","message":"I didn\u0027t check that patch carefully but CI failures seems that may be related to this change. Please check it.","commit_id":"0eaa47e1036c07ab3c8cb784e8783a7cdc1446f5"},{"author":{"_account_id":32666,"name":"Damian Dąbrowski","email":"damian@dabrowski.cloud","username":"ddabrowski"},"change_message_id":"21318ea4197fb503b3430511af41ce9e41c766db","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":2,"id":"a25c5574_71c3416b","updated":"2022-04-28 01:03:25.000000000","message":"Ok, so I see few problems with this patch:\n- possible race condition - keepalived is started first, then qg-* interface is brought up. If qg-* interface is down when keepaalived tries to send GARPs, it will fail.\n- qg-* interface contains router\u0027s GW address on standby router\n- qg-* interface contains link-local address\n\n\nI spend few more hours on this and I think I came up with a slightly different solution: https://review.opendev.org/c/openstack/neutron/+/839671\n\nJust to summarize it:\n- qg-* interface will be always up on both active\u0026standby router\n- qg-* interface won\u0027t have link-local nor GW address on standby router\n- empty qg-* interface on standby router won\u0027t send any packets(GARP,MLDv2,multicast (un)subscribe etc.)\n- GARPs will be sent properly on master transition because qg-* interface is always up\n\n\nWhat do You think about it?","commit_id":"0eaa47e1036c07ab3c8cb784e8783a7cdc1446f5"},{"author":{"_account_id":26832,"name":"Stefan Hoffmann","email":"stefan.hoffmann@cloudandheat.com","username":"shoffmann"},"change_message_id":"132f79d2e81991d11716769f6791b857c13403b5","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"0364093d_cda98857","updated":"2022-04-05 13:47:05.000000000","message":"The fix looks good to me, but didn\u0027t this allow IPv6 related traffic like MLDv2 and other on the interface of an router in backup state?\nWhat is your idea of preventing that?\n\nOtherwise I guess it\u0027s better to combine this fix with https://review.opendev.org/c/openstack/neutron/+/834260 from Lui Yulong.","commit_id":"0eaa47e1036c07ab3c8cb784e8783a7cdc1446f5"},{"author":{"_account_id":26832,"name":"Stefan Hoffmann","email":"stefan.hoffmann@cloudandheat.com","username":"shoffmann"},"change_message_id":"56ce2148908222ebf7bbd58b231b89a8ad39470c","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":2,"id":"7861aca0_a90d0fc3","updated":"2022-04-13 15:11:36.000000000","message":"We tested this patch and still see ipv6 neighbor packages as soon as the interface is up on the qg interface.\n\nSo till we don\u0027t have another patch that solves that, I vote for not merging this.","commit_id":"0eaa47e1036c07ab3c8cb784e8783a7cdc1446f5"},{"author":{"_account_id":26832,"name":"Stefan Hoffmann","email":"stefan.hoffmann@cloudandheat.com","username":"shoffmann"},"change_message_id":"b50fd6386a7e16fb8c405a985a0d68179dad9990","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"6b2f9d38_a38baa42","updated":"2022-04-22 09:06:20.000000000","message":"We tested this patch, but unfortunately, we have problems with the patch. We are testing on the latest Queens. If that should cause problems, please let us know.\n\nAbout our problems:\nWith IPv6 we have link-local IP address conflicts \"tentative dadfailed\" on the interface.\nIn addition, we also have IPv4 address conflicts with the floating IP. It seems that Neutron sets the IP when creating the router. The \"qg\" interface has the floating IP and the default route at all times regardless of whether it is active/backup.\n\nI can confirm that the basic functionality of the patch is given. The interfaces remain Up.\n\nSuggestion:\nIn HA mode the floating IP and default route should be set by keepalived and Neutron should do nothing. ha_router.set_external_gw_port_link_status should be called with set_gw\u003dFalse. Some settings for configuring the interface are then not called. This should be checked.\n\n","commit_id":"0eaa47e1036c07ab3c8cb784e8783a7cdc1446f5"},{"author":{"_account_id":32666,"name":"Damian Dąbrowski","email":"damian@dabrowski.cloud","username":"ddabrowski"},"change_message_id":"4b96a9c48651478fef70031e1672299a6aa582e1","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"e1e548aa_ed2040b7","updated":"2022-05-30 09:29:25.000000000","message":"bug #1952907 is fixed by other change","commit_id":"0eaa47e1036c07ab3c8cb784e8783a7cdc1446f5"},{"author":{"_account_id":32666,"name":"Damian Dąbrowski","email":"damian@dabrowski.cloud","username":"ddabrowski"},"change_message_id":"2321e456c84701a15a855e31b174c2d02fc1295e","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"d60bc943_8eb84e56","updated":"2022-04-12 22:25:22.000000000","message":"hello,\n\nOriginal plan was to block traffic on iptables until keepalived is started. This change just keeps interface down until keepalived is started which in fact may be even more reasonable.\n\nI\u0027ll split my review into 2 parts, for 2 different bugs.\n\n\n1. Gratuitous ARPs are not sent during master transition - https://bugs.launchpad.net/neutron/+bug/1952907\n\nIt solves this issue in my all-in-one environment but I wonder how reliable is it.\nI\u0027m a bit afraid of possible race condition as with this change, keepalived is started first, then qg interface is brought up.\nSo if I understand it correctly, it\u0027s technically possible that interface will be still down when keepalived tries to send GARPs on startup.\nWhat do You think?\n\n2. L3 HA connectivity to GW port can be broken after reboot of backup node - https://bugs.launchpad.net/neutron/+bug/1859832\n\nAt first glance this change shouldn\u0027t bring this problem back.\nWhat\u0027s the most important: interface is down until keepalived is started, so MLDv2 unsubscribe packets shouldn\u0027t be sent when l3 agent flushes link-local on qg interface.\nBut in order to test it properly I\u0027ll need multi-node dev environment. I will have one in next few days.\n\n","commit_id":"0eaa47e1036c07ab3c8cb784e8783a7cdc1446f5"},{"author":{"_account_id":32666,"name":"Damian Dąbrowski","email":"damian@dabrowski.cloud","username":"ddabrowski"},"change_message_id":"197d2c018ff083588b2c594ff036c75e48d70000","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"ed7cd9d5_42cfa148","updated":"2022-04-08 18:26:02.000000000","message":"sorry I promised to test this change during this week but I got sick :/ I\u0027ll test it on Monday/Tuesday.\n\n","commit_id":"0eaa47e1036c07ab3c8cb784e8783a7cdc1446f5"},{"author":{"_account_id":16688,"name":"Rodolfo Alonso","email":"ralonsoh@redhat.com","username":"rodolfo-alonso-hernandez"},"change_message_id":"8053d92437749d52a019fa0768117f4776485968","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"991c858d_cc3c1b31","in_reply_to":"0364093d_cda98857","updated":"2022-04-07 07:31:21.000000000","message":"[1] is a workaround over another workaround. We can\u0027t provide a configuration option to allow or not a situation that could lead to the problem that is referred in this bug.\n\nThe goal of this patch can be achieved with this code. [1] still considers setting the GW status to down during the backup state. This patch sets all interfaces to down during the initial router creation and raises them when keepalived has started. From this point, keepalived will control the GW port IPs and routes, adding and removing them when needed during the transitions.\n\n[1]https://review.opendev.org/c/openstack/neutron/+/834260","commit_id":"0eaa47e1036c07ab3c8cb784e8783a7cdc1446f5"},{"author":{"_account_id":32666,"name":"Damian Dąbrowski","email":"damian@dabrowski.cloud","username":"ddabrowski"},"change_message_id":"21318ea4197fb503b3430511af41ce9e41c766db","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":2,"id":"9a2c5d0c_e7ad3a17","in_reply_to":"6b2f9d38_a38baa42","updated":"2022-04-28 01:03:25.000000000","message":"\u003e The \"qg\" interface has the floating IP and the default route at all times regardless of whether it is active/backup.\n\nAre You sure? During my tests I have seen router\u0027s gateway IP assigned to qg- interface on standby agent, but I haven\u0027t seen floating ip there.","commit_id":"0eaa47e1036c07ab3c8cb784e8783a7cdc1446f5"},{"author":{"_account_id":26832,"name":"Stefan Hoffmann","email":"stefan.hoffmann@cloudandheat.com","username":"shoffmann"},"change_message_id":"c1776617347d473d392b9895c228cf767a1259ea","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":2,"id":"a386bab4_c8c6d90b","in_reply_to":"991c858d_cc3c1b31","updated":"2022-04-08 13:48:05.000000000","message":"I like the idea to let keepalived handle everything and let l3-agent out of it.\nBut does this patch allow MLDv2 and other traffic on the interface of routers that are in backup state? Like described in [1] Do you have an idea how to solve that?\n\nWe also could let keepalived set the interface up and down in worst case (already tested it..)\n\n[1] https://bugs.launchpad.net/neutron/+bug/1859832","commit_id":"0eaa47e1036c07ab3c8cb784e8783a7cdc1446f5"},{"author":{"_account_id":26832,"name":"Stefan Hoffmann","email":"stefan.hoffmann@cloudandheat.com","username":"shoffmann"},"change_message_id":"169a52939e228bcf516d10849c2993485e9259b0","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"d33acb01_b42d0d53","in_reply_to":"9a2c5d0c_e7ad3a17","updated":"2022-04-28 07:40:37.000000000","message":"You are right, we saw the router IP, not the floating IP there.","commit_id":"0eaa47e1036c07ab3c8cb784e8783a7cdc1446f5"},{"author":{"_account_id":26832,"name":"Stefan Hoffmann","email":"stefan.hoffmann@cloudandheat.com","username":"shoffmann"},"change_message_id":"169a52939e228bcf516d10849c2993485e9259b0","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":2,"id":"fbef883f_44b10f71","in_reply_to":"a25c5574_71c3416b","updated":"2022-04-28 07:40:37.000000000","message":"Thanks, this sounds really promising. I will try to find time to test this.","commit_id":"0eaa47e1036c07ab3c8cb784e8783a7cdc1446f5"}]}