vmware-nsx

Security group is dropping DHCP packet

Bug #1507815 reported by Tong Liu on 2015-10-19

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	vmware-nsx	Fix Released	Undecided	Unassigned

Bug Description

The instances launched are not able to get IP addresses because the DHCP packet are dropped by security group. If we open up OS default Block all, instances are able to acquire IP addresses. I saw we only allow DHCP-Client packet in the OS default section. But I believe we should also allow DHCP-Server.

Tags:

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-11-18: Fix proposed to vmware-nsx (stable/liberty)

Fix proposed to branch: stable/liberty
Review: https://review.openstack.org/246795

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-11-18:

Fix proposed to branch: stable/liberty
Review: https://review.openstack.org/246800

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-11-18:

Fix proposed to branch: stable/liberty
Review: https://review.openstack.org/246806

Gary Kotton (garyk) on 2015-11-18

Changed in vmware-nsx:
status:	New → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-11-18: Fix merged to vmware-nsx (stable/liberty)

Reviewed: https://review.openstack.org/246800
Committed: https://git.openstack.org/cgit/openstack/vmware-nsx/commit/?id=efc062ac9defa90bff2160f0675bfc8c14ac171f
Submitter: Jenkins
Branch: stable/liberty

commit efc062ac9defa90bff2160f0675bfc8c14ac171f
Author: Gary Kotton <email address hidden>
Date: Sun Oct 18 05:19:25 2015 -0700

Move 'locking_coordinator_url' to common configuration section

The variable will now be in the 'DEFAULT' section. This is due to the
fact that it is used by the NSX|V and NSX|V3 plugins.

DocImpact

Partial-bug: #1507815

Change-Id: I3238eafcf2fde0cb4fa6cd48099908980c28d39f
(cherry picked from commit 7be0400365ef391d46d8b4181c05be5fef5b9639)

tags:

added: in-stable-liberty

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-11-18:

Reviewed: https://review.openstack.org/246806
Committed: https://git.openstack.org/cgit/openstack/vmware-nsx/commit/?id=0decbf8b4289a2f9e6095992043107cacd06dca3
Submitter: Jenkins
Branch: stable/liberty

commit 0decbf8b4289a2f9e6095992043107cacd06dca3
Author: Boden R <email address hidden>
Date: Fri Oct 16 13:04:57 2015 -0600

psec profile distributed locking

    Change the current NSX v3 plugin implementation
    to use distributed locking when initializing the
    port security spoofguard profile.

stable/liberty backport candidate

Partial-bug: #1507815

Change-Id: I26419f757399aba21c131cefff9745ffd377ec98
(cherry picked from commit 95342f389cc965f936388c25d5c73760b9b9cef9)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2015-11-18:

Reviewed: https://review.openstack.org/246795
Committed: https://git.openstack.org/cgit/openstack/vmware-nsx/commit/?id=630b0aebb8021b53d66b37c2971663a1f23ad3b0
Submitter: Jenkins
Branch: stable/liberty

commit 630b0aebb8021b53d66b37c2971663a1f23ad3b0
Author: Gary Kotton <email address hidden>
Date: Mon Oct 19 07:36:38 2015 -0700

NSX|V3: create dhcp profile at boot time

This profile will be applied to the DHCP ports if the DHCP service
is enabled.

The change remove the requirement that the admin create this out of
band.

This is now possible due to the fact that we are using a distributed
locking mechanism.

Closes-bug: #1507815

Conflicts:
vmware_nsx/tests/unit/nsx_v3/test_plugin.py

Change-Id: I12538af5849226ae3d8aeaea94bdd80be6ed0605
(cherry picked from commit dd7dd97bed6035f76628394ef60a39471146ae2b)

Adit Sarfaty (asarfaty) on 2020-07-29

Changed in vmware-nsx:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.