Juniper Openstack

[1.10main-2252] Inconsistent mirroring action seen

Bug #1343442 reported by Ganesha HV on 2014-07-17

18

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	Juniper Openstack	Status tracked in Trunk
	R1.1	Won't Fix	Medium	Naveen N	Juniper Openstack r1.10-fcs
	R2.1	Won't Fix	Medium	Naveen N	Juniper Openstack r2.1-fcs
	R2.20	Won't Fix	Medium	Naveen N	Juniper Openstack r2.20-fcs
	R3.0	Fix Committed	Medium	Naveen N
	Trunk	Fix Committed	Medium	Naveen N	Juniper Openstack r3.1.0.0-fcs

Bug Description

1]. Setup:

nodea26 - cfgm
nodeb12-1, nodeb12-2 - ctrl
nodeg16 , nodeg26 - compute

2]. Launched two networks, vn1 and vn2 and assigned subnets 10.1.1.0/24 and 20.2.2.0/24 to them respectively.

3]. Launched two VMs, VM1[10.1.1.4] and VM2[20.2.2.3]

4]. Created a analyzer with its left-interface in VN1 network getting a IP of 10.1.1.3

5]. Launched a service instance in in-network mode.

6]. A service chain was created by applying a policy to allow everything between VN1 and VN2. The analyser and firewall were added to the chain.

7]. Ping from VM1 to VM2 fails. If I remove either of the mirror action/service, it passes.

Even if this mode of in-network analyser isn't supported, Ping between VM1 and V2 shouldn't fail.

See original description

Tags:

Ashish Ranjan (aranjan-n) on 2014-08-21

information type:

Proprietary → Public

Nagabhushana R (bhushana) on 2014-08-22

tags:

added: vrouter

Sudheendra Rao (sudheendra-k) on 2014-09-03

tags:

added: releasenote

Ganesha HV (ganeshahv) on 2015-02-06

description:

updated

Revision history for this message

Ganesha HV (ganeshahv) wrote on 2015-02-06:

#1

Observing the same issue irrespective of whether the Firewall is in Transparent or In-network mode

Revision history for this message

Ganesha HV (ganeshahv) wrote on 2015-02-12:

#2

Analyser Scenarios Edit (26.8 KiB, application/vnd.openxmlformats-officedocument.spreadsheetml.sheet)

Observed a issue when mirroring wasn't working when the Src VM, Dst VM are on same compute and analyser on Diff Compute in a 2-compute node setup.
Added my observations in the attached sheet.

summary:

- [1.10main-2252] Ping fails if mirror instance in in-network mode is
- present in a service chain
+ [1.10main-2252] Inconsistent mirroring action seen

Revision history for this message

Ganesha HV (ganeshahv) wrote on 2015-02-12:

#3

Port unreachable errors are seen during the packet capture on the transparent analyser.

Sudheendra Rao (sudheendra-k) on 2015-06-02

tags:

added: regression

Revision history for this message

OpenContrail Admin (ci-admin-f) wrote on 2016-04-19: [Bug update]

#4

bug update...

Revision history for this message

Ankit Jain (ankitja) wrote on 2016-04-22:

#5

This seems to be working now tested for svc v1 in Build 2725

left_Vn:

test10.1.1.0/24
p1
DisabledUp

Right_VN:

test111.1.1.0/24
p1
DisabledUp

Policy P1:

p1test
test1
pass protocol any network test ports any <> network test1 ports any services svcinst1 mirror mirrorinst

Templates:

temp1 - v1In-networkFirewallManagement, Left, Rightvsrx / m1.medium
mirroringtemp - v1In-networkAnalyzerLeftanalyzer / m1.medium

svcinst1temp1 (in-network, version 1) Active1Management: mgmt
Left: test
(1 more)

Service Instance Details
Instance Name svcinst1
Display Name svcinst1
UUID 2a95d16e-0814-4836-8756-917b36632e39
Template temp1 (in-network, version 1)
# Instance(s) 1
HA Mode -
Networks Management: mgmt
Left: test
Right: test1
Image vsrx
Flavor m1.medium
Availability Zone ANY:ANY
Instance Status
Virtual Machine Status Power State Networks
svcinst1001 ACTIVE RUNNING mgmt:40.1.1.4
test:10.1.1.6
test1:11.1.1.5
View Console

mirrinstmirroringtemp (in-network, version 1) Active1Left: test

Service Instance Details
Instance Name mirrinst
Display Name mirrinst
UUID 9a231426-8642-4089-bdbd-5359d78d97a1
Template mirroringtemp (in-network, version 1)
# Instance(s) 1
HA Mode -
Networks Left: test
Image analyzer
Flavor m1.medium
Availability Zone ANY:ANY
Instance Status
Virtual Machine Status Power State Networks
mirrinst001 ACTIVE RUNNING test:10.1.1.3
View Console

admin nodeh3
mirrinst001
analyzer
10.1.1.3
m1.medium Active None Running 5 minutes
Edit Instance
admin nodeh3
svcinst1001
vsrx
test1

11.1.1.5
test

10.1.1.6
mgmt

40.1.1.4
m1.medium Active None Running 20 minutes
Edit Instance

admin nodeh3
vm2
ubuntu
11.1.1.3
m1.small Active None Running 4 hours, 21 minutes
Edit Instance
admin nodeh3
vm1
ubuntu
10.1.1.4
m1.small Active None Running 4 hours, 21 minutes

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

Bug #1456784

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Analyser Scenarios Edit

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.