yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1470443] Re: ICMP rules not getting deleted on the hyperv network adapter extended acl set

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Alan Pevec <1470443@xxxxxxxxxxxxxxxxxx>
Date: Sat, 14 Nov 2015 14:50:53 -0000
Reply-to: Bug 1470443 <1470443@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Also affects: neutron
   Importance: Undecided
       Status: New

** Changed in: neutron
       Status: New => Invalid

** Also affects: neutron/juno
   Importance: Undecided
       Status: New

** Changed in: neutron/juno
       Status: New => Fix Committed

** Changed in: neutron/juno
     Assignee: (unassigned) => Krishna Kanth (krishna-kanth-mallela)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1470443

Title:
  ICMP rules not getting deleted on the hyperv network adapter extended
  acl set

Status in networking-hyperv:
  Fix Committed
Status in neutron:
  Invalid
Status in neutron juno series:
  Fix Committed

Bug description:
  1. Create a security group with icmp rule
  2. spawn a vm with the above secuirty-grop-rule
  3. ping works from dhcp namespace 
  4. delete the rule from secuirty-group which will trigger the port-update
  5. however the rule is still there on compute for the vm even after port-update

  rootcause: icmp rule is created with locacal port as empty('').
  however during remove_security_rule the rule is matched for port "ANY" which does not match any rule, hence rule not deleted.
  solution: introduce the check to match empty loalport incase of deleting icmp rule.

To manage notifications about this bug go to:
https://bugs.launchpad.net/networking-hyperv/+bug/1470443/+subscriptions