DHCP offer not received by client
I am running OpenStack Liberty on Ubuntu 14.04 LTS using Neutron networking configured with a simple Linux bridge.
When I boot a CirrOS image, it will not get a DHCP address but if I manually assign one I can ping and SSH.
On the compute node, a tcpdump of the physical interface does show the request and reply packets.
tcpdump -i eth1 port 67 or port 68
13:28:01.950770 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:30:83:14 (oui Unknown), length 280
13:28:01.951031 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:30:83:14 (oui Unknown), length 280
13:28:01.951802 IP 207-71-6-66.static.twtelecom.net.bootps > 207-71-6-69.static.twtelecom.net.bootpc: BOOTP/DHCP, Reply, length 330
13:28:01.951909 IP 207-71-6-66.static.twtelecom.net.bootps > 207-71-6-69.static.twtelecom.net.bootpc: BOOTP/DHCP, Reply, length 330
13:28:01.952195 IP 207-71-6-66.static.twtelecom.net.bootps > 207-71-6-69.static.twtelecom.net.bootpc: BOOTP/DHCP, Reply, length 330
13:28:01.952311 IP 207-71-6-66.static.twtelecom.net.bootps > 207-71-6-69.static.twtelecom.net.bootpc: BOOTP/DHCP, Reply, length 330
but the tap interface only shows the request packets.
tcpdump -i tap85125144-16 port 67 or port 68
13:30:26.347158 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:30:83:14 (oui Unknown), length 280
13:30:26.347511 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:30:83:14 (oui Unknown), length 280
13:30:31.357905 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:30:83:14 (oui Unknown), length 280
13:30:31.358272 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from fa:16:3e:30:83:14 (oui Unknown), length 280
Here's my bridge configuration
bridge name bridge id STP enabled interfaces
brq4c2022d1-2d 8000.000c29c242bb yes eth1
tap85125144-16
I've cleaned out my iptables (and added a default rule for packet tracking)
iptables -L -v
Chain INPUT (policy ACCEPT 12802 packets, 1887K bytes)
pkts bytes target prot opt in out source destination
13093 1901K all -- any any anywhere anywhere
Chain FORWARD (policy ACCEPT 808 packets, 249K bytes)
pkts bytes target prot opt in out source destination
808 249K all -- any any anywhere anywhere
Chain OUTPUT (policy ACCEPT 13927 packets, 4292K bytes)
pkts bytes target prot opt in out source destination
14224 4345K all -- any any anywhere anywhere
Chain neutron-filter-top (0 references)
pkts bytes target prot opt in out source destination
0 0 all -- any any anywhere anywhere
Chain neutron-linuxbri-FORWARD (0 references)
pkts bytes target prot opt in out source destination
0 0 all -- any any anywhere anywhere
Chain neutron-linuxbri-INPUT (0 references)
pkts bytes target prot opt in out source destination
0 ...
Can you try disabling STP on the bridge? Have a look at the MAC addresses learned by the bridge as well. Perhaps there is something wrong with the learned MACs.
I have disabled STP and 'brctl showmacs' does show the correct entry in the table. It's only DHCP replies that seem to have an issue, if I assign a static IP everything works.
Well, really silly suggestion: but maybe the compute node is dropping the packets? Did you disable reverse path filtering? In
/etc/sysctl.conf
:net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0