← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #14624

[Bug 1322638] [NEW] Shared firewall from admin is not working in other tenant's network

  Thread PreviousDate PreviousThread Next 
Public bug reported:

DESCRIPTION: 
 
            firewall created with shared = true from admin is not taking effect on tenant's network

Steps to Reproduce: 
            create two network n1,n2 (having subnet s1 and s2 respectively)  and attach it to the router r1 from admin tenant
            create vm1 and vm2 on each network n1 and n2 from admin tenant
            create a firewall rule r1 with protocol = icmp and action = deny from admin tenant
            create a firewall policy p1 with the above firewall rule r1 from admin tenant
            create a firewall f1 with the polciy p1 and shared=true from admin tenant
           create two network n3,n4 (having subnet s3 and s4 respectively)  and attach it to the router r2 from member tenant
           create vm3 and vm4 on each network n3 and n4 from admin tenant
          ping from vm1 to vm2 fails since the firewall rule r1 takes effect
          
 
            
            
Actual Results: 
       ping from vm3 to vm4 succeeds
       shared firewall f1 and its rules r1 are not visible from tenants
Expected Results: 
       ping from vm3 to vm4 should fail since the firewall is shared from admin
       and also shared firewall f1 and it rules r1 should be visible from tenant

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1322638

Title:
  Shared firewall from admin is not working in other tenant's network

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  DESCRIPTION: 
   
              firewall created with shared = true from admin is not taking effect on tenant's network

  Steps to Reproduce: 
              create two network n1,n2 (having subnet s1 and s2 respectively)  and attach it to the router r1 from admin tenant
              create vm1 and vm2 on each network n1 and n2 from admin tenant
              create a firewall rule r1 with protocol = icmp and action = deny from admin tenant
              create a firewall policy p1 with the above firewall rule r1 from admin tenant
              create a firewall f1 with the polciy p1 and shared=true from admin tenant
             create two network n3,n4 (having subnet s3 and s4 respectively)  and attach it to the router r2 from member tenant
             create vm3 and vm4 on each network n3 and n4 from admin tenant
            ping from vm1 to vm2 fails since the firewall rule r1 takes effect
            
   
              
              
  Actual Results: 
         ping from vm3 to vm4 succeeds
         shared firewall f1 and its rules r1 are not visible from tenants
  Expected Results: 
         ping from vm3 to vm4 should fail since the firewall is shared from admin
         and also shared firewall f1 and it rules r1 should be visible from tenant

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1322638/+subscriptions

Follow ups

References

  Thread PreviousDate PreviousThread Next