neutron

[VPNaas-DVR]The Traffic is unreachable after the virtual machine is bound to the floating IP

Bug #1874392 reported by yuanshuo on 2020-04-23

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	neutron	New	Undecided	Unassigned

Bug Description

Create virtual machines under different VPCs and configure corresponding VPN services. When the vpn connection is active, virtual machines under different VPCs can communicate through the ipsec tunnel.
However, after the virtual machine is bound to the floating ip, the traffic to the external network does not pass through the snat namespace, and therefore cannot be forwarded through the ipsec tunnel, so the traffic is unreachable.

See original description

Tags:

yuanshuo (yush2009) on 2020-04-23

description:

updated

Revision history for this message

Dongcan Ye (hellochosen) wrote on 2020-04-27:

@yuanshuo, hi, thank you for raise the problem here. Please see the https://bugs.launchpad.net/neutron/+bug/1717266 for detail.
Currently this is a expected behavior as the vpn service is running in snat namespace, not in qrouter.
If we want to support this, we may need patch some code to implement this.

tags:

added: vpnaas

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.