← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1338480] [NEW] VM's allowed address pair IP is not updated in the remote group VMs allowed IP list.

 

Public bug reported:

1. Create a new tenant
2. Create a network -> Add subnet  (10.10.10.0/24)  in the network
3. Create  two VMs    (VM1  and VM2)   in network in s  default security  group.
4.  Now   updated  VM1 port   with  an  allowed address pair IP  (20.20.20.2)

 neutron port-update  079804ae-d941-4ec2-b36a-8b1d60b0cda8 --allowed-
address-pairs type=dict list=true ip_address=20.20.20.2


Update VM port2 IP with  and allowed address pair  IP   20.20.20.3

neutron port-update f538604a-3437-447b-a4ea-7d37b07a88c6 --allowed-
address-pairs type=dict list=true ip_address=20.20.20.3

5.  In VM1 , add  one more IP address  20.20.20.2

sudo ip addr add 20.20.20.2/24 dev eth0

In VM2   , add IP address 20.20.20.2

sudo ip addr add 20.20.20.3/24 dev eth0

now  from VM1  , try  to ping  20.20.20.3

It  fails  to ping

Then try to restart  neutron-plugin-openvswitch-agent on compute  ndoe
,

 then  try to ping 20.20.20.3  from VM1   , it starts  pinging.

** Affects: neutron
     Importance: Undecided
         Status: New

** Description changed:

  1. Create a new tenant
  2. Create a network -> Add subnet  (10.10.10.0/24)  in the network
  3. Create  two VMs    (VM1  and VM2)   in network in s  default security  group.
  4.  Now   updated  VM1 port   with  an  allowed address pair IP  (20.20.20.2)
  
+  neutron port-update  079804ae-d941-4ec2-b36a-8b1d60b0cda8 --allowed-
+ address-pairs type=dict list=true ip_address=20.20.20.2
+ 
+ 
  Update VM port2 IP with  and allowed address pair  IP   20.20.20.3
  
+ neutron port-update f538604a-3437-447b-a4ea-7d37b07a88c6 --allowed-
+ address-pairs type=dict list=true ip_address=20.20.20.3
  
  5.  In VM1 , add  one more IP address  20.20.20.2
  
  sudo ip addr add 20.20.20.2/24 dev eth0
  
- 
  In VM2   , add IP address 20.20.20.2
  
  sudo ip addr add 20.20.20.3/24 dev eth0
- 
  
  now  from VM1  , try  to ping  20.20.20.3
  
  It  fails  to ping
  
+ Then try to restart  neutron-plugin-openvswitch-agent on compute  ndoe
+ ,
  
- Then try to restart  neutron-plugin-openvswitch-agent on compute  ndoe  ,
- 
- 
-  then  try to ping 20.20.20.3  from VM1   , it starts  pinging.
+  then  try to ping 20.20.20.3  from VM1   , it starts  pinging.

** Summary changed:

- Updated IP  of allowed address pair  is not reflected in the remote  security groups  (allowed IP list)
+ VM's  allowed address pair IP  is not  updated in the remote  group  VMs  allowed IP list.

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1338480

Title:
  VM's  allowed address pair IP  is not  updated in the remote  group
  VMs  allowed IP list.

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  1. Create a new tenant
  2. Create a network -> Add subnet  (10.10.10.0/24)  in the network
  3. Create  two VMs    (VM1  and VM2)   in network in s  default security  group.
  4.  Now   updated  VM1 port   with  an  allowed address pair IP  (20.20.20.2)

   neutron port-update  079804ae-d941-4ec2-b36a-8b1d60b0cda8 --allowed-
  address-pairs type=dict list=true ip_address=20.20.20.2

  
  Update VM port2 IP with  and allowed address pair  IP   20.20.20.3

  neutron port-update f538604a-3437-447b-a4ea-7d37b07a88c6 --allowed-
  address-pairs type=dict list=true ip_address=20.20.20.3

  5.  In VM1 , add  one more IP address  20.20.20.2

  sudo ip addr add 20.20.20.2/24 dev eth0

  In VM2   , add IP address 20.20.20.2

  sudo ip addr add 20.20.20.3/24 dev eth0

  now  from VM1  , try  to ping  20.20.20.3

  It  fails  to ping

  Then try to restart  neutron-plugin-openvswitch-agent on compute  ndoe
  ,

   then  try to ping 20.20.20.3  from VM1   , it starts  pinging.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1338480/+subscriptions


Follow ups

References