FWaaS: Invalid port error on associating L3 ports (Router in HA) to firewall group
Bug #1759773 reported by
Sridar Kandaswamy
This bug report is a duplicate of:
Bug #1762454: FWaaS: Invalid port error on associating ports (distributed router) to firewall group.
Edit
Remove
This bug affects 4 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Confirmed
|
Undecided
|
Sridar Kandaswamy |
Bug Description
From: Ignazio Cassano:
I am trying to use fwaas v2 on centos 7 openstack ocata.
After creating firewall rules an policy I am looking for creating firewall
group .
I am able to create the firewall group, but it does not work when I try to
set the ports into it.
openstack firewall group set --port
87173e27-
Failed to set firewall group 'prova': Firewall Group Port
87173e27-
Neutron server returns request_ids:
['req-9ef8ad1e-
To post a comment you must log in.
I filed the bug on behalf of Ignazio and have confirmed the issue, to be due to the validation checks in the plugin for the device_owner. I am evaluating potential other issues on a HA scenario.
The port in question:
[root@podto1- osctrl01 ~]# openstack port show c8f6541f- 5b47-49dd- a1dd-28d1310ced 90 -f json address_ pairs": "", dhcp_opts" : "", 22T13:46: 28Z", ha_router_ replicated_ interface" , number" : 20, security_ enabled" : true, '10.138. 136.19' , subnet_ id='284fe1de- fe62-4548- 913d-fb8fca30c3 64'", 5b47-49dd- a1dd-28d1310ced 90", groups" : "4d2fdd79- 0f6c-4c26- a87b-a76b5d1290 1e", vnic_type" : "normal", 3e:03:10: f5", f5a571de40220fb f80", profile" : "", vif_type" : "ovs", vif_details" : "ovs_hybrid_ plug='True' , port_filter= 'True'" , host-10- 138-136- 19.openstackloc al.', hostname= 'host-10- 138-136- 19', ip_address= '10.138. 136.19' ", 59da-4c58- bbc3-c3a18e412d 9c", 9b91-4663- adb3-b10b5ebcc4 f1", 21T16:34: 11Z", host_id" : "podto1-osctrl02"
{
"allowed_
"extra_
"updated_at": "2018-03-
"device_owner": "network:
"revision_
"port_
"fixed_ips": "ip_address=
"id": "c8f6541f-
"security_
"option_value": null,
"binding_
"option_name": null,
"description": "",
"qos_policy_id": null,
"mac_address": "fa:16:
"project_id": "0e760ccde5d24a
"status": "ACTIVE",
"binding_
"binding_
"binding_
"dns_assignment": "fqdn='
"ip_address": null,
"device_id": "7ddd5e26-
"name": "",
"admin_state_up": "UP",
"network_id": "c4731392-
"dns_name": "",
"created_at": "2018-03-
"subnet_id": null,
"binding_
}