VPNaaS needs MTU checked when creating/updating connection

Bug #1219489 reported by Paul Michali
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Fix Released
Medium
Mark McClain

Bug Description

Add validation in plugin for MTU during ipsec site connection creation and updating. For now, use subnet from vpnservice object to tell whether protocol is IPv4 or IPv6 and check MTU against minimum of 68 and 1280, respectively.

This cannot be done by extension or client side, as it depends on multiple objects.

In future, when add support for multiple protocols on a connection, will take the minimum of each.

Tags: vpnaas
Paul Michali (pcm)
Changed in neutron:
assignee: nobody → Paul Michali (pcm)
status: New → In Progress
Nachi Ueno (nati-ueno)
Changed in neutron:
importance: Undecided → Medium
Nachi Ueno (nati-ueno)
Changed in neutron:
milestone: none → havana-3
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to neutron (master)

Fix proposed to branch: master
Review: https://review.openstack.org/44933

Changed in neutron:
assignee: Paul Michali (pcm) → Mark McClain (markmcclain)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/44933
Committed: http://github.com/openstack/neutron/commit/0f9411948221b1df70d4a3f3d1271f821bea74aa
Submitter: Jenkins
Branch: master

commit 0f9411948221b1df70d4a3f3d1271f821bea74aa
Author: Paul Michali <email address hidden>
Date: Mon Sep 2 07:02:12 2013 -0400

    Verify MTU is valid for ipsec_site_connection

    Since the check relies on the vpnservice subnet to determine whether
    this is IPv4 ro IPv6, we must check in the plugin. Test is done at
    create/update time and ensures that the MTU is equal to or greater
    than the minimum allowed values, which are set to 68 for IPv4
    minimum and 1280 for IPv6, respectively.

    Refactored code to allow reuse of create and update test functions,
    by allowing tests to override some settings, and to provide a dict
    of changed items (for update).

    bug 1219489

    Change-Id: I3e62ef786d3a02c761903a15d546ee8758c0bf7f

Changed in neutron:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in neutron:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in neutron:
milestone: havana-3 → 2013.2
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.