Firewall rules missing UDP port 319 for PTP
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Andre Kantek |
Bug Description
Brief Description
PTP needs UDP ports 319 and 320 to be opened by the firewall. Currently only 320 is being opened.
This is due to a copy/paste error in code:
in sysinv/
"udp":
{
}
in sysinv/
PLATFORM_
PLATFORM_
Severity
Critical
Steps to Reproduce
After installation check OAM firewall rules with:
kubectl get globalnetworkpo
Expected Behavior
action: Allow
destination:
ports:
123
- 319
- 320
2222
2223
ipVersion: 4
metadata:
annotations:
name: stx-ingr-
protocol: UDP
Actual Behavior
action: Allow
destination:
ports:
123
- 320
2222
2223
ipVersion: 4
metadata:
annotations:
name: stx-ingr-
protocol: UDP
Reproducibility
Reproducible
System Configuration
Any
Timestamp/Logs
See above.
Alarms
NA
Test Activity
NA
Workaround
Add missing 319 UDP port using:
kubectl edit globalnetworkpo
Changed in starlingx: | |
status: | New → In Progress |
tags: | added: stx.9.0 stx.networking |
Changed in starlingx: | |
assignee: | nobody → Andre Kantek (akantek) |
importance: | Undecided → Medium |
Reviewed: https:/ /review. opendev. org/c/starlingx /config/ +/898115 /opendev. org/starlingx/ config/ commit/ 064e504a05d3e7d 8d85ca96e79a0b8 c905337cf6
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit 064e504a05d3e7d 8d85ca96e79a0b8 c905337cf6
Author: Andre Kantek <email address hidden>
Date: Thu Oct 12 09:44:42 2023 -0300
Correct typo for PTP's UDP ports in the OAM firewall
The OAM firewall is not adding UDP port 319 due to a typo. This change
corrects that.
Test Plan
[PASS] validate the the OAM firewall contain ports 319 and 320 in
the UDP ingress rule.
Closes-Bug: 2039177
Change-Id: I9b7be222562708 685a32dc04cf2fc 5a35c8e1c1f
Signed-off-by: Andre Kantek <email address hidden>