neutron

VPN does not allow debug to be turned on

Bug #1308730 reported by Louis Watta
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
neutron
Expired
Wishlist
Unassigned

Bug Description

Currently there is no way to enable advanced debugging of Openswan when using it with VPNaaS.
It really helps in VPN troubleshooting to be able to enable debug of the Openswan Pluto process.

Would be nice if we could somehow hook neutron debug to enable openswan debug or allow debug to be turned on some other way.

Revision history for this message
Nachi Ueno (nati-ueno) wrote :

This one needs bp

Changed in neutron:
importance: Undecided → Wishlist
Revision history for this message
Tobias (tobik) wrote :

Would be great if debug logs are shown in neutron/Horizon like the instance console log.

Manik Sidana (manik019)
Changed in neutron:
assignee: nobody → Manik Sidana (maniksidana019)
Revision history for this message
Paul Michali (pcm) wrote :

Strongswan logs to syslog, AFAICT. It is possible to change the template to increase logging level. Is the desire to make this selectable by user?

Openswan seems to write to several files. Not sure if there is a logging level that can be specified.

Probably need to talk with Horizon folks, about how to examine log information.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to neutron-vpnaas (master)

Reviewed: https://review.openstack.org/240177
Committed: https://git.openstack.org/cgit/openstack/neutron-vpnaas/commit/?id=ff49617ff7ac8f0d7268c862cc0cc4628cff9991
Submitter: Jenkins
Branch: master

commit ff49617ff7ac8f0d7268c862cc0cc4628cff9991
Author: Elena Ezhova <email address hidden>
Date: Wed Oct 28 17:05:00 2015 +0300

    Fix options for pluto per-peer logging

    --perpeerlogbase option has no effect without --perpeerlog. [1]
    Moreover there is no need to create 'logs' dir as there is a 'log'
    dir that can be reused.

    Also fixed indentation issue for enable_detailed_logging option
    declaration.

    [1] http://linux.die.net/man/8/ipsec_pluto

    DocImpact
    Related-Bug: #1308730
    Change-Id: Ie5ef72c2abd83b9b1114d90a6c7294cc34174018

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix proposed to neutron-vpnaas (stable/liberty)

Related fix proposed to branch: stable/liberty
Review: https://review.openstack.org/250818

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to neutron-vpnaas (stable/liberty)

Reviewed: https://review.openstack.org/250818
Committed: https://git.openstack.org/cgit/openstack/neutron-vpnaas/commit/?id=8bd6c43e69b5285226c70f7b3cc0319b1c6c6bdc
Submitter: Jenkins
Branch: stable/liberty

commit 8bd6c43e69b5285226c70f7b3cc0319b1c6c6bdc
Author: Elena Ezhova <email address hidden>
Date: Wed Oct 28 17:05:00 2015 +0300

    Fix options for pluto per-peer logging

    --perpeerlogbase option has no effect without --perpeerlog. [1]
    Moreover there is no need to create 'logs' dir as there is a 'log'
    dir that can be reused.

    Also fixed indentation issue for enable_detailed_logging option
    declaration.

    [1] http://linux.die.net/man/8/ipsec_pluto

    DocImpact
    Related-Bug: #1308730
    Change-Id: Ie5ef72c2abd83b9b1114d90a6c7294cc34174018
    (cherry picked from commit ff49617ff7ac8f0d7268c862cc0cc4628cff9991)

tags: added: in-stable-liberty
Manik Sidana (manik019)
Changed in neutron:
assignee: Manik Sidana (maniksidana019) → nobody
Armando Migliaccio (armando-migliaccio)
Changed in neutron:
status: New → Incomplete
Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for neutron because there has been no activity for 60 days.]

Changed in neutron:
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.