Ask Your Question
0

After creating selfservice subnet, neutron linux bridge log shows ERROR "RTNETLINK answers: Permission denied"

asked 2016-05-09 14:16:58 -0600

luowei gravatar image

updated 2016-05-10 15:11:19 -0600

This is following Mitaka Installation Guide for Ubuntu 14.04 (LTS) with Networking Option 2: Self-service networks.

After creating virtual networks, "Verify operation" shows correct "ip netns" and "neutron router-port-list router", but pinging gateway IP address on the provider network fails.

Checking the logs, the neutron linux bridge log shows:

ERROR neutron.plugins.ml2.drivers.agent._common_agent RuntimeError: Exit code: 2; Stdin: ; Stdout: ; Stderr: RTNETLINK answers: Permission denied

This error appears at the point in time when giving the "neutron subnet-create" command.

edit retag flag offensive close merge delete

Comments

can you provide the lb agent log, neutron net-show, neutron subnet-show, the lb agent config files

darragh-oreilly gravatar imagedarragh-oreilly ( 2016-05-16 01:28:00 -0600 )edit

2 answers

Sort by ยป oldest newest most voted
0

answered 2017-02-09 08:36:54 -0600

dcreno gravatar image

updated 2017-02-09 08:37:41 -0600

See my question which I believe is the same answer: https://ask.openstack.org/en/question/102330/openstack-subnet-create-causes-linuxbridge-agent-rtnetlink-error-on-newton/ (https://ask.openstack.org/en/question...)

tl;dr: The linux-bridge agent disables IPv6 by design. If you have IPv6 configured on your physical NIC, neutron/root will not have permission to move the address from the physical NIC to the linux-bridge. The solution is to remove the IPv6 configuration from the operating system network config files. Presumably, the linux-bridge will still forward IPv6 as L2 frames and you can still use IPv6 on your guests.

(please upvote if this helped you)

edit flag offensive delete link more
0

answered 2016-05-09 14:37:20 -0600

luowei gravatar image

updated 2016-05-13 08:05:23 -0600

This is somehow linked to ipv6. If I disable ipv6 in /etc/sysctl.conf (net.ipv6.conf.all.disable_ipv6=1) the ERROR does not occur.

But I need the provider networks to be dual-stacked.

Also, if I disable the external radvd (SLAAC) server on the management and provider subnets, the ERROR does not occur.

This was not a problem in Liberty.

edit flag offensive delete link more

Comments

See my similar question: https://ask.openstack.org/en/question/102330/openstack-subnet-create-causes-linuxbridge-agent-rtnetlink-error-on-newton/ (https://ask.openstack.org/en/question...)

Turn on debug, note that it may be linuxbridge agent failing to move the IPv6 address to the new bridge.

dcreno gravatar imagedcreno ( 2017-02-06 09:59:02 -0600 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2016-05-09 14:16:58 -0600

Seen: 2,578 times

Last updated: Feb 09 '17