-
Bug
-
Resolution: Done
-
Highest
-
Oxygen
-
None
-
High
AAP : Allowed address pair
ACL: Access control List, aka Security Group (SG)
There are 2 related issues:
- AAP Mac address is not added for L2 Broadcast in ACL via port update.
- If Port created with AAP Mac, this mac will be added to L2 Broadcast. But not deleted post removal of AAP.
Issue 1:
- Create Port P1, without AAP
- Boot vm VM1 to the port P1
- Now update port with AAP IP address IP2 and Mac Address MAC2.
observe flows in 210, the L2 Broadcast rule is not added for the newly updated Mac- MAC2.
Issue 2:
- Create port P1 with AAP IP2, Mac MAC2.
- Boot vm VM1 with port P1.
Observe flows in 210, the L2 Broadcast rule for AAP MAC2, is visible.
- Now update port P1, to remove AAP.
observe flows in 210, the L2 Broadcast rule for AAP MAC2, is not removed.