-
Bug
-
Resolution: Done
-
None
-
Boron
-
None
-
None
-
Operating System: All
Platform: All
-
7922
Flow entry associated with two more security rules incorrectly deleted when one of the security is deleted.
Reproduction steps:
1) create SG sg1 and sg2
2) create tcp ingress rule for both sg1 and sg2
neutron security-group-rule-create --direction ingress --protocol tcp --ethertype IPv4 sg1
neutron security-group-rule-create --direction ingress --protocol tcp --ethertype IPv4 sg2
3) create VM vm1 and associate sg1 and sg2 with vm1
4) In the node, only one flow entry is pushed for the above 2 identical rules
table=90, priority=61007,tcp,dl_dst=fa:16:3e:d2:1b:95 action=...
5) Now disassociate sg1 from vm1,
Expect: the flow entry above remains since sg2 which includes the tcp ingress rule still associates with the VM.
Actual: the flow entry above is wrongly removed