With this above fix, problem did not get solved.
When I configured mirroring using policy between two VNs, I see the following ACL rules in the agent if map introspect type:access-control-list name:default-domain:admin:my_vn1:my_vn1 access-control-list-entries dynamic:false acl-rule match-condition protocol:any src-address subnet ip-prefix-len:0 virtual-network:any src-port start-port:-1 end-port:-1 dst-address subnet ip-prefix-len:0 virtual-network:any dst-port start-port:-1 end-port:-1 action-list simple-action:pass mirror-to analyzer-name:default-domain:admin:svctest2 udp-port:0 log:false alert:false rule-uuid:b7f5ffdb-0423-4d5d-bb46-d82394874d10 id-perms permissions owner:cloud-admin owner-access:7 group:cloud-admin-group group-access:7 other-access:7 uuid uuid-mslong:5973287049156316904 uuid-lslong:10391912417391903427 Uuid : 52e560ec-6267-4ee8-9037-7d48ef9d82c3 enable:true created:2016-02-09T06:01:45 last-modified:2016-02-09T10:57:08 user-visible:true perms2 owner-access:7 global-access:0 display-name:my_vn1 Adjacencies: virtual-network default-domain:admin:my_vn1 type:access-control-list name:default-domain:admin:my_vn2:my_vn2 access-control-list-entries dynamic:false acl-rule match-condition protocol:any src-address subnet ip-prefix-len:0 virtual-network:any src-port start-port:-1 end-port:-1 dst-address subnet ip-prefix-len:0 virtual-network:any dst-port start-port:-1 end-port:-1 action-list simple-action:pass mirror-to analyzer-name:default-domain:admin:svctest2 udp-port:0 log:false alert:false rule-uuid:b7f5ffdb-0423-4d5d-bb46-d82394874d10 id-perms permissions owner:cloud-admin owner-access:7 group:cloud-admin-group group-access:7 other-access:7 uuid uuid-mslong:7208681036659835273 uuid-lslong:10652992244752191557 Uuid : 640a6135-a934-4189-93d7-08012f721045 enable:true created:2016-02-09T06:01:50 last-modified:2016-02-09T10:57:08 user-visible:true perms2 owner-access:7 global-access:0 display-name:my_vn2 Adjacencies: virtual-network default-domain:admin:my_vn2
this shows only “simple-action:pass mirror-to analyzer-name:default-domain:admin:svctest2 udp-port:0 there is no service instance IP, port info etc in these rules
please check if this is due to any schema issue Setup @ nodeg13
With this above fix, problem did not get solved.
When I configured mirroring using policy between two VNs, I see the following ACL rules in the agent if map introspect control- list name:default- domain: admin:my_ vn1:my_ vn1 access- control- list-entries dynamic:false acl-rule match-condition protocol:any src-address subnet ip-prefix-len:0 virtual-network:any src-port start-port:-1 end-port:-1 dst-address subnet ip-prefix-len:0 virtual-network:any dst-port start-port:-1 end-port:-1 action-list simple-action:pass mirror-to analyzer- name:default- domain: admin:svctest2 udp-port:0 log:false alert:false rule-uuid: b7f5ffdb- 0423-4d5d- bb46-d82394874d 10 id-perms permissions owner:cloud-admin owner-access:7 group:cloud- admin-group group-access:7 other-access:7 uuid uuid-mslong: 597328704915631 6904 uuid-lslong: 103919124173919 03427 Uuid : 52e560ec- 6267-4ee8- 9037-7d48ef9d82 c3 enable:true created: 2016-02- 09T06:01: 45 last-modified: 2016-02- 09T10:57: 08 user-visible:true perms2 owner-access:7 global-access:0 display-name:my_vn1 Adjacencies: virtual-network default- domain: admin:my_ vn1 control- list name:default- domain: admin:my_ vn2:my_ vn2 access- control- list-entries dynamic:false acl-rule match-condition protocol:any src-address subnet ip-prefix-len:0 virtual-network:any src-port start-port:-1 end-port:-1 dst-address subnet ip-prefix-len:0 virtual-network:any dst-port start-port:-1 end-port:-1 action-list simple-action:pass mirror-to analyzer- name:default- domain: admin:svctest2 udp-port:0 log:false alert:false rule-uuid: b7f5ffdb- 0423-4d5d- bb46-d82394874d 10 id-perms permissions owner:cloud-admin owner-access:7 group:cloud- admin-group group-access:7 other-access:7 uuid uuid-mslong: 720868103665983 5273 uuid-lslong: 106529922447521 91557 Uuid : 640a6135- a934-4189- 93d7-08012f7210 45 enable:true created: 2016-02- 09T06:01: 50 last-modified: 2016-02- 09T10:57: 08 user-visible:true perms2 owner-access:7 global-access:0 display-name:my_vn2 Adjacencies: virtual-network default- domain: admin:my_ vn2
type:access-
type:access-
this shows only “simple-action:pass mirror-to analyzer- name:default- domain: admin:svctest2 udp-port:0
there is no service instance IP, port info etc in these rules
please check if this is due to any schema issue
Setup @ nodeg13