Fix nat66 - broken after load-balance was introduced in nat
Closed, ResolvedPublicBUG
Actions

Assigned To

Authored By

	n.fort
	Aug 9 2023, 10:03 AM

Description

After https://github.com/vyos/vyos-1x/pull/2119 was merged, nat66 smoketest fails:

06:54:59  DEBUG - test_source_nat66_required_translation_prefix (__main__.TestNAT66.test_source_nat66_required_translation_prefix) ... ERROR
06:54:59  DEBUG - 
06:54:59  DEBUG - ======================================================================
06:54:59  DEBUG - ERROR: test_destination_nat66 (__main__.TestNAT66.test_destination_nat66)
06:54:59  DEBUG - ----------------------------------------------------------------------
06:54:59  DEBUG - Traceback (most recent call last):
06:54:59  DEBUG -   File "/usr/libexec/vyos/tests/smoke/cli/test_nat66.py", line 111, in test_destination_nat66
06:54:59  DEBUG -     self.cli_commit()
06:54:59  DEBUG -   File "/usr/libexec/vyos/tests/smoke/cli/base_vyostest_shim.py", line 76, in cli_commit
06:54:59  DEBUG -     self._session.commit()
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/vyos/configsession.py", line 183, in commit
06:54:59  DEBUG -     out = self.__run_command([COMMIT])
06:54:59  DEBUG -           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/vyos/configsession.py", line 139, in __run_command
06:54:59  DEBUG -     raise ConfigSessionError(output)
06:54:59  DEBUG - vyos.configsession.ConfigSessionError: [ nat66 ]
06:54:59  DEBUG - VyOS had an issue completing a command.
06:54:59  DEBUG - 
06:54:59  DEBUG - We are sorry that you encountered a problem while using VyOS.
06:54:59  DEBUG - There are a few things you can do to help us (and yourself):
06:54:59  DEBUG - - Contact us using the online help desk if you have a subscription:
06:54:59  DEBUG -   https://support.vyos.io/
06:54:59  DEBUG - - Make sure you are running the latest version of VyOS available at:
06:54:59  DEBUG -   https://vyos.net/get/
06:54:59  DEBUG - - Consult the community forum to see how to handle this issue:
06:54:59  DEBUG -   https://forum.vyos.io
06:54:59  DEBUG - - Join us on Slack where our users exchange help and advice:
06:54:59  DEBUG -   https://vyos.slack.com
06:54:59  DEBUG - 
06:54:59  DEBUG - When reporting problems, please include as much information as possible:
06:54:59  DEBUG - - do not obfuscate any data (feel free to contact us privately if your
06:54:59  DEBUG -   business policy requires it)
06:54:59  DEBUG - - and include all the information presented below
06:54:59  DEBUG - 
06:54:59  DEBUG - Report time:      2023-08-09 03:54:49
06:54:59  DEBUG - Image version:    VyOS 1.4-rolling-202308090317
06:54:59  DEBUG - Release train:    current
06:54:59  DEBUG - 
06:54:59  DEBUG - Built by:         [email protected]
06:54:59  DEBUG - Built on:         Wed 09 Aug 2023 03:17 UTC
06:54:59  DEBUG - Build UUID:       aa5ad89d-3972-44cd-8822-abd7ae8e15c0
06:54:59  DEBUG - Build commit ID:  94725d89d158cb
06:54:59  DEBUG - 
06:54:59  DEBUG - Architecture:     x86_64
06:54:59  DEBUG - Boot via:         installed image
06:54:59  DEBUG - System type:      KVM guest
06:54:59  DEBUG - 
06:54:59  DEBUG - Hardware vendor:  QEMU
06:54:59  DEBUG - Hardware model:   Standard PC (i440FX + PIIX, 1996)
06:54:59  DEBUG - Hardware S/N:
06:54:59  DEBUG - Hardware UUID:    d27cf29e-4419-4407-8f82-dc73d1acd184
06:54:59  DEBUG - 
06:54:59  DEBUG - Traceback (most recent call last):
06:54:59  DEBUG -   File "/usr/libexec/vyos/conf_mode/nat66.py", line 177, in <module>
06:54:59  DEBUG -     generate(c)
06:54:59  DEBUG -   File "/usr/libexec/vyos/conf_mode/nat66.py", line 153, in generate
06:54:59  DEBUG -     render(nftables_nat66_config, 'firewall/nftables-nat66.j2', nat, permission=0o755)
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/vyos/template.py", line 142, in render
06:54:59  DEBUG -     rendered = render_to_string(template, content, formater, location)
06:54:59  DEBUG -                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/vyos/template.py", line 111, in render_to_string
06:54:59  DEBUG -     rendered = template.render(content)
06:54:59  DEBUG -                ^^^^^^^^^^^^^^^^^^^^^^^^
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 1301, in render
06:54:59  DEBUG -     self.environment.handle_exception()
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 936, in handle_exception
06:54:59  DEBUG -     raise rewrite_traceback_stack(source=source)
06:54:59  DEBUG -   File "/usr/share/vyos/templates/firewall/nftables-nat66.j2", line 32, in top-level template code
06:54:59  DEBUG -     {{ config | nat_rule(rule, 'destination', ipv6=True) }}
06:54:59  DEBUG -     ^^^^^^^^^^^^^^^^^^^^^^^^^
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/vyos/template.py", line 658, in nat_rule
06:54:59  DEBUG -     return parse_nat_rule(rule_conf, rule_id, nat_type, ipv6)
06:54:59  DEBUG -            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/vyos/nat.py", line 97, in parse_nat_rule
06:54:59  DEBUG -     if 'backend' in rule_conf['load_balance']:
06:54:59  DEBUG -                     ~~~~~~~~~^^^^^^^^^^^^^^^^
06:54:59  DEBUG - KeyError: 'load_balance'
06:54:59  DEBUG - 
06:54:59  DEBUG - 
06:54:59  DEBUG - 
06:54:59  DEBUG - [[nat66]] failed
06:54:59  DEBUG - Commit failed
06:54:59  DEBUG - 
06:54:59  DEBUG - 
06:54:59  DEBUG - ======================================================================
06:54:59  DEBUG - ERROR: test_destination_nat66_prefix (__main__.TestNAT66.test_destination_nat66_prefix)
06:54:59  DEBUG - ----------------------------------------------------------------------
06:54:59  DEBUG - Traceback (most recent call last):
06:54:59  DEBUG -   File "/usr/libexec/vyos/tests/smoke/cli/test_nat66.py", line 152, in test_destination_nat66_prefix
06:54:59  DEBUG -     self.cli_commit()
06:54:59  DEBUG -   File "/usr/libexec/vyos/tests/smoke/cli/base_vyostest_shim.py", line 76, in cli_commit
06:54:59  DEBUG -     self._session.commit()
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/vyos/configsession.py", line 183, in commit
06:54:59  DEBUG -     out = self.__run_command([COMMIT])
06:54:59  DEBUG -           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/vyos/configsession.py", line 139, in __run_command
06:54:59  DEBUG -     raise ConfigSessionError(output)
06:54:59  DEBUG - vyos.configsession.ConfigSessionError: [ nat66 ]
06:54:59  DEBUG - VyOS had an issue completing a command.
06:54:59  DEBUG - 
06:54:59  DEBUG - We are sorry that you encountered a problem while using VyOS.
06:54:59  DEBUG - There are a few things you can do to help us (and yourself):
06:54:59  DEBUG - - Contact us using the online help desk if you have a subscription:
06:54:59  DEBUG -   https://support.vyos.io/
06:54:59  DEBUG - - Make sure you are running the latest version of VyOS available at:
06:54:59  DEBUG -   https://vyos.net/get/
06:54:59  DEBUG - - Consult the community forum to see how to handle this issue:
06:54:59  DEBUG -   https://forum.vyos.io
06:54:59  DEBUG - - Join us on Slack where our users exchange help and advice:
06:54:59  DEBUG -   https://vyos.slack.com
06:54:59  DEBUG - 
06:54:59  DEBUG - When reporting problems, please include as much information as possible:
06:54:59  DEBUG - - do not obfuscate any data (feel free to contact us privately if your
06:54:59  DEBUG -   business policy requires it)
06:54:59  DEBUG - - and include all the information presented below
06:54:59  DEBUG - 
06:54:59  DEBUG - Report time:      2023-08-09 03:54:49
06:54:59  DEBUG - Image version:    VyOS 1.4-rolling-202308090317
06:54:59  DEBUG - Release train:    current
06:54:59  DEBUG - 
06:54:59  DEBUG - Built by:         [email protected]
06:54:59  DEBUG - Built on:         Wed 09 Aug 2023 03:17 UTC
06:54:59  DEBUG - Build UUID:       aa5ad89d-3972-44cd-8822-abd7ae8e15c0
06:54:59  DEBUG - Build commit ID:  94725d89d158cb
06:54:59  DEBUG - 
06:54:59  DEBUG - Architecture:     x86_64
06:54:59  DEBUG - Boot via:         installed image
06:54:59  DEBUG - System type:      KVM guest
06:54:59  DEBUG - 
06:54:59  DEBUG - Hardware vendor:  QEMU
06:54:59  DEBUG - Hardware model:   Standard PC (i440FX + PIIX, 1996)
06:54:59  DEBUG - Hardware S/N:
06:54:59  DEBUG - Hardware UUID:    d27cf29e-4419-4407-8f82-dc73d1acd184
06:54:59  DEBUG - 
06:54:59  DEBUG - Traceback (most recent call last):
06:54:59  DEBUG -   File "/usr/libexec/vyos/conf_mode/nat66.py", line 177, in <module>
06:54:59  DEBUG -     generate(c)
06:54:59  DEBUG -   File "/usr/libexec/vyos/conf_mode/nat66.py", line 153, in generate
06:54:59  DEBUG -     render(nftables_nat66_config, 'firewall/nftables-nat66.j2', nat, permission=0o755)
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/vyos/template.py", line 142, in render
06:54:59  DEBUG -     rendered = render_to_string(template, content, formater, location)
06:54:59  DEBUG -                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/vyos/template.py", line 111, in render_to_string
06:54:59  DEBUG -     rendered = template.render(content)
06:54:59  DEBUG -                ^^^^^^^^^^^^^^^^^^^^^^^^
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 1301, in render
06:54:59  DEBUG -     self.environment.handle_exception()
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 936, in handle_exception
06:54:59  DEBUG -     raise rewrite_traceback_stack(source=source)
06:54:59  DEBUG -   File "/usr/share/vyos/templates/firewall/nftables-nat66.j2", line 32, in top-level template code
06:54:59  DEBUG -     {{ config | nat_rule(rule, 'destination', ipv6=True) }}
06:54:59  DEBUG -     ^^^^^^^^^^^^^^^^^^^^^^^^^
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/vyos/template.py", line 658, in nat_rule
06:54:59  DEBUG -     return parse_nat_rule(rule_conf, rule_id, nat_type, ipv6)
06:54:59  DEBUG -            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
06:54:59  DEBUG -   File "/usr/lib/python3/dist-packages/vyos/nat.py", line 97, in parse_nat_rule
06:54:59  DEBUG -     if 'backend' in rule_conf['load_balance']:
06:54:59  DEBUG -                     ~~~~~~~~~^^^^^^^^^^^^^^^^
06:54:59  DEBUG - KeyError: 'load_balance'
06:54:59  DEBUG - 
06:54:59  DEBUG - 
06:54:59  DEBUG - 
06:54:59  DEBUG - [[nat66]] failed
06:54:59  DEBUG - Commit failed
06:54:59  DEBUG - 
06:54:59  DEBUG - 
06:54:59  DEBUG - ======================================================================
06:54:59  DEBUG - ERROR: test_destination_nat66_protocol (__main__.TestNAT66.test_destination_nat66_protocol)
06:54:59  DEBUG - ----------------------------------------------------------------------

Details

Difficulty level: Easy (less than an hour)
Version: vyos-1.4-rolling-202308060317
Why the issue appeared?: Will be filled on close
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Bug (incorrect behavior)

Event Timeline

n.fort created this task.Aug 9 2023, 10:03 AM

Not only affects, smoketest.. nat66 got broken

n.fort renamed this task from Fix nat66 smoketest to Fix nat66 - broken after load-balance was introduced in nat.Aug 9 2023, 10:53 AM

pasik added a subscriber: pasik.Aug 9 2023, 12:13 PM

n.fort changed the task status from Open to Needs testing.Aug 9 2023, 6:48 PM

n.fort claimed this task.Aug 10 2023, 6:38 PM

n.fort closed this task as Resolved.Aug 23 2023, 11:14 AM

Viacheslav moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta board.Aug 23 2023, 11:58 AM

Fix nat66 - broken after load-balance was introduced in natClosed, ResolvedPublicBUGActions

Description

Details

Event Timeline

Fix nat66 - broken after load-balance was introduced in nat
Closed, ResolvedPublicBUG
Actions