Comment 18 for bug 1736972
Revision history for this message
| OpenContrail Admin (ci-admin-f) wrote A change has been merged | #18 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
Reviewed: https:/
Committed: http://
Submitter: Zuul (<email address hidden>)
Branch: R4.1
commit f32b4d5b78c00f3
Author: Nagendra E S <email address hidden>
Date: Fri Aug 3 18:46:37 2018 +0530
If I install a software simple gateway (vgw) on a compute
node and create in one virtual network 2 virtual machines,
each of them with default security group and attach a
floating IP to each of those 2 VMs I can ping by default
the VM which runs on the compute node where the vgw was
installed but cannot ping the VM which is runing on the
second compute node.
The normal behavior should be that by default (as long
as in the security default rule the ingress rule uses
the default security group as "Address" instead of
0.0.0.0/0 the ping on floating IPs should not work.
Code needs to be added to treat the special case of the
vgw interface - which is an interface of type INET and
sub-type SIMPLE_GATEWAY. After these changes the security
group rules will be respected for floating IPs on both
compute nodes.
Cherry-Pick from review:
https:/
Change-Id: I417897106f2bad
Partial-Bug: #1736972