yahoo-eng-team team mailing list archive

[Eran Kuris <ekuris@xxxxxxxxxx>]

Public bug reported:

According to RFE: https://bugzilla.redhat.com/show_bug.cgi?id=1167496 
Port that already created from network with --port_security_enabled=True  will not updated to False when we update network to --port_security_enabled=False.
Version:
# rpm -qa |grep neutron
python-neutronclient-2.3.11-1.el7.noarch
openstack-neutron-2015.1.0-1.el7.noarch
openstack-neutron-ml2-2015.1.0-1.el7.noarch
openstack-neutron-lbaas-2015.1.0-1.el7.noarch
openstack-neutron-openvswitch-2015.1.0-1.el7.noarch
python-neutron-2015.1.0-1.el7.noarch
openstack-neutron-common-2015.1.0-1.el7.noarch
python-neutron-lbaas-2015.1.0-1.el7.noarch

enter to plugin.ini and enable port-security extension:
[root@puma15]# vi /etc/neutron/plugin.ini extension_drivers=port_security
* you have to restart neutron server service : 
#openstack-service restart neutron-server
1. Create internal network & subnet 
# neutron net-create int_net
# neutron net-show int_net | grep port_security_enabled
# neutron subnet-create <net-id> 192.168.1.0/24 --name ipv4_subnet --ip-version 4 --dns_nameservers list=true 10.35.28.28 
2. create neutron router 
#neutron router-create Router_eNet
3. create interface for internal network in the router 
#neutron router-interface-add Router_eNet <ipv4_subnet>
4. create gateway for the router
#neutron router-gateway-set Router_eNet <id net ext net> 
5. Launch 2 instances 
6.#neutron net-update int_net --port-security-enabled=False 
7. check the port of exist VM  its still in True .

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1453667

Title:
  Changing --port_security_enabled=False in network does not propagated
  to already existing ports

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  According to RFE: https://bugzilla.redhat.com/show_bug.cgi?id=1167496 
  Port that already created from network with --port_security_enabled=True  will not updated to False when we update network to --port_security_enabled=False.
  Version:
  # rpm -qa |grep neutron
  python-neutronclient-2.3.11-1.el7.noarch
  openstack-neutron-2015.1.0-1.el7.noarch
  openstack-neutron-ml2-2015.1.0-1.el7.noarch
  openstack-neutron-lbaas-2015.1.0-1.el7.noarch
  openstack-neutron-openvswitch-2015.1.0-1.el7.noarch
  python-neutron-2015.1.0-1.el7.noarch
  openstack-neutron-common-2015.1.0-1.el7.noarch
  python-neutron-lbaas-2015.1.0-1.el7.noarch

  enter to plugin.ini and enable port-security extension:
  [root@puma15]# vi /etc/neutron/plugin.ini extension_drivers=port_security
  * you have to restart neutron server service : 
  #openstack-service restart neutron-server
  1. Create internal network & subnet 
  # neutron net-create int_net
  # neutron net-show int_net | grep port_security_enabled
  # neutron subnet-create <net-id> 192.168.1.0/24 --name ipv4_subnet --ip-version 4 --dns_nameservers list=true 10.35.28.28 
  2. create neutron router 
  #neutron router-create Router_eNet
  3. create interface for internal network in the router 
  #neutron router-interface-add Router_eNet <ipv4_subnet>
  4. create gateway for the router
  #neutron router-gateway-set Router_eNet <id net ext net> 
  5. Launch 2 instances 
  6.#neutron net-update int_net --port-security-enabled=False 
  7. check the port of exist VM  its still in True .

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1453667/+subscriptions