VMwareAPI-Team

Ensure NVP plugin does not applies SNAT internal traffic

Bug #1130053 reported by Salvatore Orlando on 2013-02-19

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	VMwareAPI-Team	New	High	Unassigned
	neutron	Fix Released	High	Salvatore Orlando	neutron 2013.1 "grizzly"

Bug Description

In the NVP plugin, the external gateway creates a default SNAT rule which causes all traffic to be SNATted.
We should ensure that appropriate measures are taken for not SNATting traffic whose destination is instead local.

Tags:

Salvatore Orlando (salvatore-orlando) on 2013-02-19

tags:

added: nicira

Salvatore Orlando (salvatore-orlando) on 2013-02-19

Changed in quantum:
importance:	Undecided → High

Revision history for this message

dan wendlandt (danwent) wrote on 2013-02-25:

this is more of a mini-feature, so we should be pushing such things to h1

Changed in quantum:
milestone:	grizzly-rc1 → havana-1

Salvatore Orlando (salvatore-orlando) on 2013-02-26

Changed in quantum:
milestone:	havana-1 → grizzly-rc1

Revision history for this message

dan wendlandt (danwent) wrote on 2013-02-26:

Salvatore and I chatted about this. I was confusing this issue with a similar one which involved API changes, which we clearly need to bump to H. This bug is a more critical change, as without it, metadata will not work properly if you have an uplink.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-02-27: Fix proposed to quantum (master)

Fix proposed to branch: master
Review: https://review.openstack.org/23055

Changed in quantum:
status:	Confirmed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-02-27: Fix merged to quantum (master)

Reviewed: https://review.openstack.org/23055
Committed: http://github.com/openstack/quantum/commit/ffad9bf71fd2076f8259d0a7b0527e4ce98c4100
Submitter: Jenkins
Branch: master

commit ffad9bf71fd2076f8259d0a7b0527e4ce98c4100
Author: Salvatore Orlando <email address hidden>
Date: Wed Feb 27 02:28:25 2013 +0100

NVP Router: Do no perfom SNAT on E-W traffic

Bug 1130053

This patch ensures 'No Snat' rules are enforced in order to avoid source
natting on east-west traffic.

Change-Id: I967e72e7b6bc8e2763c0fbdf6deeafb43ff27f54

Changed in quantum:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2013-03-13

Changed in quantum:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2013-04-04

Changed in quantum:
milestone:	grizzly-rc1 → 2013.1

Tracy Jones (tjones-i) on 2014-02-25

Changed in openstack-vmwareapi-team:
importance:	Undecided → High

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.