VPNAAS: Updating the peer id from ip address to email id making the ipsec site connection forever down vm across the sites not able to ping each other
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Expired
|
Undecided
|
Unassigned |
Bug Description
Steps to Reproduce:
1.Create two site with vpn service,vpn ike policy,ipsec policy and ipsec site connection.
2. Make sure the vm across the sit are able to ping each other with successfull tunnel creation .
3.Check the status of the operation on both the sites:
neutron ipsec-site-
+------
| id | name | peer_address | peer_cidrs | route_mode | auth_mode | status |
+------
| 8af2322c-
+------
neutron vpn-service-list
+------
| id | name | router_id | status |
+------
| 58caaf89-
+------
neutron vpn-service-list
+------
| id | name | router_id | status |
+------
| 9408fed3-
+------
neutron ipsec-site-
+------
| id | name | peer_address | peer_cidrs | route_mode | auth_mode | status |
+------
| 465cca84-
+------
neutron vpn-service- show 465cca84-
+------
| Field | Value |
+------
| admin_state_up | True |
| auth_mode | psk |
| description | |
| dpd | {"action": "hold", "interval": 30, "timeout": 120} |
| id | 465cca84-
| ikepolicy_id | 6159a86b-
| initiator | bi-directional |
| ipsecpolicy_id | e63d8cef-
| mtu | 1500 |
| name | vpnconnection1 |
| peer_address | $peer_address1 |
| peer_cidrs | 10.10.1.0/24 |
| peer_id | $peer_address1 |
| psk | secret |
| route_mode | static |
| status | ACTIVE |
| tenant_id | d209c7ac08304ff
| vpnservice_id | 9408fed3-
+------
Make sure the VM across the site pinging each other.
4. Now update the peer id onto one of the site as email id.
neutron ipsec-site-
Updated ipsec_site_
5.Check the status of the vpn site conenction
neutron ipsec-site-
+------
| id | name | peer_address | peer_cidrs | route_mode | auth_mode | status |
+------
| 465cca84-
+------
Actual Results: Updating the peer id from peer ip addres to email id making ipsec site conenction down. VM across the sites not able to ping each other after the update
Expected Results: Updating the peer id from peer ip addres to email id should not make ipsec site conenction down forever and after succesfull updation the vm across the site should be able to ping each other.
tags: | added: vpnaas |
Changed in neutron: | |
assignee: | nobody → vikas (vikas-d-m) |
Changed in neutron: | |
status: | In Progress → Incomplete |
could you make sure we can resolve the domain from the namespace?
May be it is dns issue.