Firewall rules missing UDP port 319 for PTP
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| StarlingX |
Fix Released
|
Medium
|
Andre Kantek | ||
Bug Description
Brief Description
PTP needs UDP ports 319 and 320 to be opened by the firewall. Currently only 320 is being opened.
This is due to a copy/paste error in code:
in sysinv/
"udp":
{
}
in sysinv/
PLATFORM_
PLATFORM_
Severity
Critical
Steps to Reproduce
After installation check OAM firewall rules with:
kubectl get globalnetworkpo
Expected Behavior
action: Allow
destination:
ports:
123
- 319
- 320
2222
2223
ipVersion: 4
metadata:
annotations:
name: stx-ingr-
protocol: UDP
Actual Behavior
action: Allow
destination:
ports:
123
- 320
2222
2223
ipVersion: 4
metadata:
annotations:
name: stx-ingr-
protocol: UDP
Reproducibility
Reproducible
System Configuration
Any
Timestamp/Logs
See above.
Alarms
NA
Test Activity
NA
Workaround
Add missing 319 UDP port using:
kubectl edit globalnetworkpo
| Changed in starlingx: | |
| status: | New → In Progress |
| tags: | added: stx.9.0 stx.networking |
| Changed in starlingx: | |
| assignee: | nobody → Andre Kantek (akantek) |
| importance: | Undecided → Medium |
| OpenStack Infra (hudson-openstack) wrote Fix merged to config (master) | #1 |
| Changed in starlingx: | |
| status: | In Progress → Fix Released |
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit 064e504a05d3e7d
Author: Andre Kantek <email address hidden>
Date: Thu Oct 12 09:44:42 2023 -0300
Correct typo for PTP's UDP ports in the OAM firewall
The OAM firewall is not adding UDP port 319 due to a typo. This change
corrects that.
Test Plan
[PASS] validate the the OAM firewall contain ports 319 and 320 in
the UDP ingress rule.
Closes-Bug: 2039177
Change-Id: I9b7be222562708
Signed-off-by: Andre Kantek <email address hidden>