Juniper Openstack

  1. Bug #1542311
  2. Comment #4

Comment 4 for bug 1542311

Revision history for this message
Ankit Jain (ankitja) wrote :

With this above fix, problem did not get solved.

When I configured mirroring using policy between two VNs, I see the following ACL rules in the agent if map introspect
type:access-control-list name:default-domain:admin:my_vn1:my_vn1 access-control-list-entries dynamic:false acl-rule match-condition protocol:any src-address subnet ip-prefix-len:0 virtual-network:any src-port start-port:-1 end-port:-1 dst-address subnet ip-prefix-len:0 virtual-network:any dst-port start-port:-1 end-port:-1 action-list simple-action:pass mirror-to analyzer-name:default-domain:admin:svctest2 udp-port:0 log:false alert:false rule-uuid:b7f5ffdb-0423-4d5d-bb46-d82394874d10 id-perms permissions owner:cloud-admin owner-access:7 group:cloud-admin-group group-access:7 other-access:7 uuid uuid-mslong:5973287049156316904 uuid-lslong:10391912417391903427 Uuid : 52e560ec-6267-4ee8-9037-7d48ef9d82c3 enable:true created:2016-02-09T06:01:45 last-modified:2016-02-09T10:57:08 user-visible:true perms2 owner-access:7 global-access:0 display-name:my_vn1 Adjacencies: virtual-network default-domain:admin:my_vn1
type:access-control-list name:default-domain:admin:my_vn2:my_vn2 access-control-list-entries dynamic:false acl-rule match-condition protocol:any src-address subnet ip-prefix-len:0 virtual-network:any src-port start-port:-1 end-port:-1 dst-address subnet ip-prefix-len:0 virtual-network:any dst-port start-port:-1 end-port:-1 action-list simple-action:pass mirror-to analyzer-name:default-domain:admin:svctest2 udp-port:0 log:false alert:false rule-uuid:b7f5ffdb-0423-4d5d-bb46-d82394874d10 id-perms permissions owner:cloud-admin owner-access:7 group:cloud-admin-group group-access:7 other-access:7 uuid uuid-mslong:7208681036659835273 uuid-lslong:10652992244752191557 Uuid : 640a6135-a934-4189-93d7-08012f721045 enable:true created:2016-02-09T06:01:50 last-modified:2016-02-09T10:57:08 user-visible:true perms2 owner-access:7 global-access:0 display-name:my_vn2 Adjacencies: virtual-network default-domain:admin:my_vn2

this shows only “simple-action:pass mirror-to analyzer-name:default-domain:admin:svctest2 udp-port:0
there is no service instance IP, port info etc in these rules

please check if this is due to any schema issue
Setup @ nodeg13