[NETVIRT-1181] AAP Mac address is not added for L2 Broadcast in ACL flows during port update Created: 28/Mar/18  Updated: 31/May/18  Resolved: 05/Apr/18

Status: Verified
Project: netvirt
Component/s: General
Affects Version/s: Oxygen
Fix Version/s: Oxygen-SR1, Fluorine

Type: Bug Priority: Highest
Reporter: Kiran Vasudeva Assignee: Kiran Vasudeva
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: 0 minutes
Time Spent: 2 weeks
Original Estimate: 2 weeks

Priority: High

 Description   

AAP : Allowed address pair

ACL: Access control List, aka Security Group (SG)

There are 2 related issues:

  1. AAP Mac address is not added for L2 Broadcast in ACL via port update.
  2. If Port created with AAP Mac, this mac will be added to L2 Broadcast. But not deleted post removal of AAP.

Issue 1:

  • Create Port P1, without AAP
  • Boot vm VM1 to the port P1
  • Now update port with AAP IP address IP2 and Mac Address MAC2.

observe flows in 210, the L2 Broadcast rule is not added for the newly updated Mac- MAC2.

Issue 2:

  • Create port P1 with AAP IP2, Mac MAC2.
  • Boot vm VM1 with port P1.

Observe flows in 210, the L2 Broadcast rule for AAP MAC2, is visible.

  • Now update port P1, to remove AAP.

observe flows in 210, the L2 Broadcast rule for AAP MAC2, is not removed.

 Comments   
Comment by Kiran Vasudeva [ 28/Mar/18 ]

updating the priority and severity, since all broadcast traffic with allowed address pair mac will be impacted.

Comment by Kiran Vasudeva [ 28/Mar/18 ]

confirmed the behavior, defect is valid

Comment by Sam Hague [ 05/Apr/18 ]

https://git.opendaylight.org/gerrit/70368

Comment by Kiran Vasudeva [ 31/May/18 ]

Tests have passed, fix working as expected

Generated at Wed Feb 07 20:23:26 UTC 2024 using Jira 8.20.10#820010-sha1:ace47f9899e9ee25d7157d59aa17ab06aee30d3d.