yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #57824
[Bug 1633941] [NEW] VPNaaS: peer-cidr validation is invalid
Public bug reported:
When creating ipsec-site-connection in VPNaaS, it looks peer-cidr validation is invalid.
The cidr format like "10/8" should be rejected like cidr in subnet resources but it is accepted like the following:
$ neutron ipsec-site-connection-create --vpnservice-id service1 --ikepolicy-id ike1 --ipsecpolicy-id ipsec1 --peer-id 192.168.7.1 --peer-address 192.168.7.1 --peer-cidr 10/8 --psk pass
Created a new ipsec_site_connection:
+-------------------+----------------------------------------------------+
| Field | Value |
+-------------------+----------------------------------------------------+
| admin_state_up | True |
| auth_mode | psk |
| description | |
| dpd | {"action": "hold", "interval": 30, "timeout": 120} |
| id | 2bed308f-5462-45bb-ae79-5cb9003424ef |
| ikepolicy_id | be1f92ab-8064-4328-8862-777ae6878691 |
| initiator | bi-directional |
| ipsecpolicy_id | 09c67ae8-6ede-47ca-a15b-c52be1d7feaf |
| local_ep_group_id | |
| local_id | |
| mtu | 1500 |
| name | |
| peer_address | 192.168.7.1 |
| peer_cidrs | 10/8 |
| peer_ep_group_id | |
| peer_id | 192.168.7.1 |
| project_id | 068a47c758ae4b5d9fab059539e57740 |
| psk | pass |
| route_mode | static |
| status | PENDING_CREATE |
| tenant_id | 068a47c758ae4b5d9fab059539e57740 |
| vpnservice_id | 4f82612c-5e3a-4699-aafa-bdfa5ede31fe |
+-------------------+----------------------------------------------------+
I think this is because _validate_subnet_list_or_none method in
neutron_vpnaas.extensions.vpnaas doesn't return the result.
** Affects: neutron
Importance: Undecided
Status: New
** Tags: vpnaas
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1633941
Title:
VPNaaS: peer-cidr validation is invalid
Status in neutron:
New
Bug description:
When creating ipsec-site-connection in VPNaaS, it looks peer-cidr validation is invalid.
The cidr format like "10/8" should be rejected like cidr in subnet resources but it is accepted like the following:
$ neutron ipsec-site-connection-create --vpnservice-id service1 --ikepolicy-id ike1 --ipsecpolicy-id ipsec1 --peer-id 192.168.7.1 --peer-address 192.168.7.1 --peer-cidr 10/8 --psk pass
Created a new ipsec_site_connection:
+-------------------+----------------------------------------------------+
| Field | Value |
+-------------------+----------------------------------------------------+
| admin_state_up | True |
| auth_mode | psk |
| description | |
| dpd | {"action": "hold", "interval": 30, "timeout": 120} |
| id | 2bed308f-5462-45bb-ae79-5cb9003424ef |
| ikepolicy_id | be1f92ab-8064-4328-8862-777ae6878691 |
| initiator | bi-directional |
| ipsecpolicy_id | 09c67ae8-6ede-47ca-a15b-c52be1d7feaf |
| local_ep_group_id | |
| local_id | |
| mtu | 1500 |
| name | |
| peer_address | 192.168.7.1 |
| peer_cidrs | 10/8 |
| peer_ep_group_id | |
| peer_id | 192.168.7.1 |
| project_id | 068a47c758ae4b5d9fab059539e57740 |
| psk | pass |
| route_mode | static |
| status | PENDING_CREATE |
| tenant_id | 068a47c758ae4b5d9fab059539e57740 |
| vpnservice_id | 4f82612c-5e3a-4699-aafa-bdfa5ede31fe |
+-------------------+----------------------------------------------------+
I think this is because _validate_subnet_list_or_none method in
neutron_vpnaas.extensions.vpnaas doesn't return the result.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1633941/+subscriptions
Follow ups
