[NETVIRT-242] Sg - Missing rules for replace vm Sg operation Created: 06/Nov/16  Updated: 19/Oct/17  Resolved: 21/Dec/16

Status: Resolved
Project: netvirt
Component/s: General
Affects Version/s: Boron
Fix Version/s: None

Type: Bug
Reporter: zan cohen Assignee: Unassigned
Resolution: Cannot Reproduce Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All

Attachments: File xab.zipx    
External issue ID: 7095

 Description   

Note
*****
Defect found as continuation to other test
Action 1
********
Previous test Actions:
Lunch 2 vms in same network and different Hosts:vm_x(Sg1=egress for Tcp 80),vm_y(Sg2=All protocol - ingress&Egress).
Try to open wget from vm_x->vm_y,Add rule for exist Sg1 :egress for All_Tcp,wget and ssh from vm_x->vm_y.
Action2
********
Create new SG3:All Icmp+All Tcp+All Udp.(for All ingress&Egress)
Deassosiate Exit Sg from vm_x and Associate new SG3.
verify udp,Tcp,icmp work from vm_x to vm_y

Resault
*******
only Tcp packets flows(I try tcp 22 and tcp 80)

**View Ovs rules for vm_x(The one which Sg update on) - only Tcp 80 and All Tcp exist in table 40

 Comments   
Comment by zan cohen [ 06/Nov/16 ]

Ovs Rules for table 42
************************
root@devstack-man21-zan:~# ovs-ofctl dump-flows -OOpenFlow13 br-int | grep table=42
cookie=0x6900000, duration=18542.889s, table=42, n_packets=64, n_bytes=10716, priority=61010,reg5=0x1 actions=resubmit(,17)
cookie=0x6900000, duration=7232.212s, table=42, n_packets=19, n_bytes=1406, priority=61010,tcp,metadata=0x40000000000/0x1fffff0000000000,tp_dst=80 actions=learn(table=252,idle_timeout=18000,fin_idle_timeout=300,priority=61010,cookie=0x6900000,eth_type=0x800,nw_proto=6,NXM_OF_IP_SRC[]=NXM_OF_IP_DST[],NXM_OF_TCP_SRC[]=NXM_OF_TCP_DST[],NXM_OF_IP_DST[]=NXM_OF_IP_SRC[],NXM_OF_TCP_DST[]=NXM_OF_TCP_SRC[],load:0x1->NXM_NX_REG5[0..7]),resubmit(,17)
cookie=0x6900000, duration=6460.888s, table=42, n_packets=70, n_bytes=10654, priority=61010,tcp,metadata=0x40000000000/0x1fffff0000000000 actions=learn(table=252,idle_timeout=300,priority=61010,cookie=0x6900000,eth_type=0x800,NXM_OF_IP_SRC[]=NXM_OF_IP_DST[],NXM_OF_IP_DST[]=NXM_OF_IP_SRC[],NXM_OF_IP_PROTO[],load:0x1->NXM_NX_REG5[0..7]),resubmit(,17)
cookie=0x6900000, duration=18542.888s, table=42, n_packets=117, n_bytes=10885, priority=0 actions=drop

Comment by zan cohen [ 07/Nov/16 ]

see Attach Karaf logs from date 6/11/2016

Comment by zan cohen [ 07/Nov/16 ]

Attachment xab.zipx has been added with description: Karaf logs

Comment by zan cohen [ 08/Nov/16 ]

Scenario2
2 vm's allocate to sg1 and sg2 with icmp only (in&eg).
create and replace both sg to new sg with icmp+udp+tcp.(in that case i saw in defect that tcp and udp rules doesn't update)

Comment by Slava Radune [ 20/Dec/16 ]

Doesn't reproduce for. Everything seems to be fine.
Maybe this bug happened with Mitaka OS, and now I am trying it with Newton OS.

Generated at Wed Feb 07 20:21:04 UTC 2024 using Jira 8.20.10#820010-sha1:ace47f9899e9ee25d7157d59aa17ab06aee30d3d.