neutron

VPNaaS needs MTU checked when creating/updating connection

Bug #1219489 reported by Paul Michali on 2013-09-01

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	neutron	Fix Released	Medium	Mark McClain	neutron 2013.2 "havana"

Bug Description

Add validation in plugin for MTU during ipsec site connection creation and updating. For now, use subnet from vpnservice object to tell whether protocol is IPv4 or IPv6 and check MTU against minimum of 68 and 1280, respectively.

This cannot be done by extension or client side, as it depends on multiple objects.

In future, when add support for multiple protocols on a connection, will take the minimum of each.

Tags:

Paul Michali (pcm) on 2013-09-01

Changed in neutron:
assignee:	nobody → Paul Michali (pcm)
status:	New → In Progress

Nachi Ueno (nati-ueno) on 2013-09-01

Changed in neutron:
importance:	Undecided → Medium

Nachi Ueno (nati-ueno) on 2013-09-03

Changed in neutron:
milestone:	none → havana-3

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-09-03: Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/44933

OpenStack Infra (hudson-openstack) on 2013-09-04

Changed in neutron:
assignee:	Paul Michali (pcm) → Mark McClain (markmcclain)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-09-04: Fix merged to neutron (master)

Reviewed: https://review.openstack.org/44933
Committed: http://github.com/openstack/neutron/commit/0f9411948221b1df70d4a3f3d1271f821bea74aa
Submitter: Jenkins
Branch: master

commit 0f9411948221b1df70d4a3f3d1271f821bea74aa
Author: Paul Michali <email address hidden>
Date: Mon Sep 2 07:02:12 2013 -0400

Verify MTU is valid for ipsec_site_connection

    Since the check relies on the vpnservice subnet to determine whether
    this is IPv4 ro IPv6, we must check in the plugin. Test is done at
    create/update time and ensures that the MTU is equal to or greater
    than the minimum allowed values, which are set to 68 for IPv4
    minimum and 1280 for IPv6, respectively.

    Refactored code to allow reuse of create and update test functions,
    by allowing tests to override some settings, and to provide a dict
    of changed items (for update).

bug 1219489

Change-Id: I3e62ef786d3a02c761903a15d546ee8758c0bf7f

Changed in neutron:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2013-09-05

Changed in neutron:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2013-10-17

Changed in neutron:
milestone:	havana-3 → 2013.2

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.