← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1263194] [NEW] VPN agent does not handle multiple connections per vpn service

 

Public bug reported:

When you try to configure more than one VPN site connection object with
a single VPN Service, the second site connection is not handled by the
VPN Agent. The plugin configures the data in the db, but the second
site-connection status is always in "PENDING_CREATE" state.

Also the agent does not update the "ipsec.conf" and "ipsec.secrets"
file for the new site-connection details. There is not Exception or
Error messages raised by the Plugin or Agent during this operation, so
it is clueless.


[root@Neutron-Server sc]# neutron ipsec-site-connection-list
+--------------------------------------+----------------+--------------+----------------+------------+-----------+----------------+
| id | name | peer_address | peer_cidrs | route_mode | auth_mode | status |
+--------------------------------------+----------------+--------------+----------------+------------+-----------+----------------+
| 81b502a7-a1ae-47e1-80c8-eadf0a98a154 | vpnconnection2 | 192.102.0.62 | "10.10.3.0/24" | static | psk | PENDING_CREATE |
| ed982186-5f8d-4704-b5c7-2456f98a84f2 | vpnconnection2 | 192.102.0.60 | "10.10.1.0/24" | static | psk | ACTIVE |
+--------------------------------------+----------------+--------------+----------------+------------+-----------+----------------+
----------
81b502a7-a1ae-47e1-80c8-eadf0a98a154 | vpnconnection2 | 192.102.0.62 | "10.10.3.0/24" | static | psk | PENDING_CREATE |
this one  is in pending state

** Affects: neutron
     Importance: Undecided
         Status: New


** Tags: vpnaas

** Attachment added: "Includes "ipsec.conf", "ipsec.secrets" and "vpn_agent.log""
   https://bugs.launchpad.net/bugs/1263194/+attachment/3933343/+files/VPN-AGENT-FILES.ZIP

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1263194

Title:
  VPN agent does not handle multiple connections per vpn service

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  When you try to configure more than one VPN site connection object
  with a single VPN Service, the second site connection is not handled
  by the VPN Agent. The plugin configures the data in the db, but the
  second site-connection status is always in "PENDING_CREATE" state.

  Also the agent does not update the "ipsec.conf" and "ipsec.secrets"
  file for the new site-connection details. There is not Exception or
  Error messages raised by the Plugin or Agent during this operation, so
  it is clueless.

  
  [root@Neutron-Server sc]# neutron ipsec-site-connection-list
  +--------------------------------------+----------------+--------------+----------------+------------+-----------+----------------+
  | id | name | peer_address | peer_cidrs | route_mode | auth_mode | status |
  +--------------------------------------+----------------+--------------+----------------+------------+-----------+----------------+
  | 81b502a7-a1ae-47e1-80c8-eadf0a98a154 | vpnconnection2 | 192.102.0.62 | "10.10.3.0/24" | static | psk | PENDING_CREATE |
  | ed982186-5f8d-4704-b5c7-2456f98a84f2 | vpnconnection2 | 192.102.0.60 | "10.10.1.0/24" | static | psk | ACTIVE |
  +--------------------------------------+----------------+--------------+----------------+------------+-----------+----------------+
  ----------
  81b502a7-a1ae-47e1-80c8-eadf0a98a154 | vpnconnection2 | 192.102.0.62 | "10.10.3.0/24" | static | psk | PENDING_CREATE |
  this one  is in pending state

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1263194/+subscriptions


Follow ups

References