yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1362676] Re: Hyper-V agent doesn't create stateful security group rules

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Claudiu Belu <cbelu@xxxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 11 Feb 2015 16:20:56 -0000
Reply-to: Bug 1362676 <1362676@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Project changed: neutron => networking-hyperv

** Also affects: neutron
   Importance: Undecided
       Status: New

** Changed in: neutron
     Assignee: (unassigned) => Claudiu Belu (cbelu)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1362676

Title:
  Hyper-V agent doesn't create stateful security group rules

Status in Hyper-V Networking Agent:
  In Progress
Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  Hyper-V agent does not create stateful security group rules (ACLs),
  meaning it doesn't allow any response traffic to pass through.

  For example, the following security group rule:
  {"direction": "ingress", "remote_ip_prefix": null, "protocol": "tcp", "port_range_max": 22,  "port_range_min": 22, "ethertype": "IPv4"}
  Allows tcp  inbound traffic through port 22, but since the Hyper-V agent does not add this rule as stateful, the reply traffic never received, unless specifically added an egress security group rule as well.

To manage notifications about this bug go to:
https://bugs.launchpad.net/networking-hyperv/+bug/1362676/+subscriptions

References

[Bug 1362676] [NEW] Hyper-V agent doesn't create stateful security group rules
From: Claudiu Belu, 2014-08-28