Details
-
Bug
-
Status: Resolved
-
Resolution: Done
-
Boron
-
None
-
None
-
None
-
Operating System: All
Platform: All
-
7264
Description
issue scenario:
remote SG rules not applied to the VM initially created
steps to reproduce the Bug:
1. Create SG “SG1”.
2. Delete all default rules in the SG1.
3. Create network1
4. Create VM1 using “SG1”
5. Add rule to SG1 “Custom TCP ingress port 80 and remote SG selected as SG1”
6. Now create VM2 using SG1.
7. Ingress flow only added to VM2 with nw_src ip VM1.
cookie=0x0, duration=23.248s, table=90, n_packets=0, n_bytes=0, priority=61004,tcp,dl_dst=fa:16:3e:39:37:2a,nw_src=10.0.0.3,tp_dst=80 actions=learn(table=39,idle_timeout=18000,hard_timeout=18000,fin_idle_timeout=60,fin_hard_timeout=60,priority=61010,eth_type=0x800,nw_proto=6,
NXM_OF_IP_SRC[]=NXM_OF_IP_DST[],NXM_OF_IP_DST[]=NXM_OF_IP_SRC[],NXM_OF_TCP_SRC[]=NXM_OF_TCP_DST[],NXM_OF_TCP_DST[]=NXM_OF_TCP_SRC[],NXM_NX_TUN_ID[],load:0x1->NXM_NX_REG6[0..7]),resubmit(,100)
expected is VM1 also will get the TCP rule.
Then removed SG1 from VM1 and applied again, now I am able to see TCP rule for VM1 and VM2.
cookie=0x0, duration=9.806s, table=90, n_packets=0, n_bytes=0, priority=61004,tcp,dl_dst=fa:16:3e:cb:23:bd,nw_src=10.0.0.4,tp_dst=80 actions=learn(table=39,idle_timeout=18000,hard_timeout=18000,fin_idle_timeout=60,fin_hard_timeout=60,priority=61010,eth_type=0x800,nw_proto=6,
NXM_OF_IP_SRC[]=NXM_OF_IP_DST[],NXM_OF_IP_DST[]=NXM_OF_IP_SRC[],NXM_OF_TCP_SRC[]=NXM_OF_TCP_DST[],NXM_OF_TCP_DST[]=NXM_OF_TCP_SRC[],NXM_NX_TUN_ID[],load:0x1->NXM_NX_REG6[0..7]),resubmit(,100)
cookie=0x0, duration=3.625s, table=90, n_packets=0, n_bytes=0, priority=61004,tcp,dl_dst=fa:16:3e:39:37:2a,nw_src=10.0.0.3,tp_dst=80 actions=learn(table=39,idle_timeout=18000,hard_timeout=18000,fin_idle_timeout=60,fin_hard_timeout=60,priority=61010,eth_type=0x800,nw_proto=6,
NXM_OF_IP_SRC[]=NXM_OF_IP_DST[],NXM_OF_IP_DST[]=NXM_OF_IP_SRC[],NXM_OF_TCP_SRC[]=NXM_OF_TCP_DST[],NXM_OF_TCP_DST[]=NXM_OF_TCP_SRC[],NXM_NX_TUN_ID[],load:0x1->NXM_NX_REG6[0..7]),resubmit(,100)