Hi,

I saw this issue too, I was just about to report it.

If I understand correctly, this is because of the openvswitch iptables rules which are created (for security groups?)

`service iptables status`

...

Chain neutron-openvswi-s0ec3eb58-0 (1 references)

num target prot opt source destination

1 RETURN all -- 10.0.0.12 0.0.0.0/0 MAC FA:16:3E:2E:B7:E3

2 DROP all -- 0.0.0.0/0 0.0.0.0/0

....

In your case, the MAC address is different -- FA:16:3E:67:64:A4

This issue also appears on icehouse w/ foreman, so it looks like it may be the puppet modules at fault here

Andrew.

On Fri, Mar 28, 2014 at 7:37 AM, St. George, Allan L. <ALLAN.L.ST.GEORGE@leidos.com> wrote:

Currently running RDO/Havana deployed via Foreman on a multi-compute node stack (Controller, Neutron, and three Nova-Compute servers)

When spawning an instance, it correctly spawns and reports/registers to the Foreman dashboard.

The problem is that the hypervisor/compute-node that is hosting the instance will then begin to report:

Level

Resource

message

err

Puppet

Could not prefetch firewall provider 'iptables': Invalid address from IPAddr.new: FA:16:3E:67:64:A4

err

/Firewall[001 nova compute incoming]

Could not evaluate: Invalid address from IPAddr.new: FA:16:3E:67:64:A4

err

/Firewall[002 vxlan udp]

Could not evaluate: Invalid address from IPAddr.new: FA:16:3E:67:64:A4

When the instance is deleted, the error will disappear also.

Any assistance/insight would be appreciated.

Thank you.

_______________________________________________
Rdo-list mailing list
Rdo-list@redhat.com
https://www.redhat.com/mailman/listinfo/rdo-list

Level	Resource	message
err	Puppet	Could not prefetch firewall provider 'iptables': Invalid address from IPAddr.new: FA:16:3E:67:64:A4
err	/Firewall[001 nova compute incoming]	Could not evaluate: Invalid address from IPAddr.new: FA:16:3E:67:64:A4
err	/Firewall[002 vxlan udp]	Could not evaluate: Invalid address from IPAddr.new: FA:16:3E:67:64:A4