Juniper Openstack

R5.0-289: log_flow flag is deprecated, all the references need to be removed and same for all other old flags too

Bug #1798294 reported by alok kumar on 2018-10-17

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
Juniper Openstack	Status tracked in Trunk
R5.0	In Progress	High	Arvind	Juniper Openstack r5.0.3
Trunk	In Progress	High	Arvind	Juniper Openstack r5.1.0

Bug Description

After patching the setup with fix for bug 1797317, during session logging test below points observed:

1. Looks like old flag “log_flow” is still used/referenced to log the sessions because when I set “log_flow=1”(apart from slo_destination=file)extra logs(see 2nd log below) are seen as below:

INFO - [SYS_INFO]: SessionData: [ vmi = default-domain:ctest-SecurityLogging-77901689:287ea704-75b9-4e56-bcad-210a6a11531d vn = default-domain:ctest-SecurityLogging-77901689:ctest-vn-06809291 ] security_policy_rule = 00000000-0000-0000-0000-000000000001 remote_vn = default-domain:ctest-SecurityLogging-77901689:ctest-vn-23556997 is_client_session = 1 is_si = 0 vrouter_ip = 10.10.10.8 local_ip = 138.7.139.3 service_port = 0 protocol = 1 logged_forward_bytes = 98 logged_forward_pkts = 1 logged_reverse_bytes = 84 ip = 45.159.187.3 port = 8068 forward_flow_info= [ logged_bytes = 98 logged_pkts = 1 flow_uuid = f161a6d4-2c95-427a-aaae-d3724c706e1b tcp_flags = 0 setup_time = 1539689679214767 action = pass sg_rule_uuid = 8da6cbcd-91e1-4585-893b-9b1a13cc5257 nw_ace_uuid = 1b924ca7-0ca1-4886-89c1-8af60b15b67a underlay_source_port = 53414 ] reverse_flow_info= [ logged_bytes = 84 logged_pkts = 1 flow_uuid = 865627a2-084a-4f8e-9067-0aaf4b8c6a42 tcp_flags = 0 setup_time = 1539689679214767 action = pass sg_rule_uuid = 8da6cbcd-91e1-4585-893b-9b1a13cc5257 nw_ace_uuid = 1b924ca7-0ca1-4886-89c1-8af60b15b67a underlay_source_port = 65224 ] vm = 9932613e-cbd9-4fa1-9bea-2fe1a94cf1ac other_vrouter_ip = 10.10.10.9 underlay_proto = 2 ]

2018-10-16 Tue 17:04:39:995.849 IST nodem8 [Thread 140123954079488, Pid 16060]: [SYS_INFO]: SessionEndpointObject: session_data= [ [ [ vmi = default-domain:ctest-SecurityLogging-77901689:287ea704-75b9-4e56-bcad-210a6a11531d vn = default-domain:ctest-SecurityLogging-77901689:ctest-vn-06809291 security_policy_rule = 00000000-0000-0000-0000-000000000001 remote_vn = default-domain:ctest-SecurityLogging-77901689:ctest-vn-23556997 is_client_session = 1 is_si = 0 vrouter_ip = 10.10.10.8 sess_agg_info= [ [ [ local_ip = 138.7.139.3 service_port = 0 protocol = 1 ] [ sessionMap= [ [ ] ] ], ] ] ], ] ]

2. The Format of the message is changed and there is no sess_agg_info now.
Old format of the log was same as 2nd log above.

3. logged_reverse_pkts field is missing in log. Earlier same issue was seen for syslog.
https://bugs.launchpad.net/juniperopenstack/+bug/1753381

Expected session log(ignore the format):

[ vmi = default-domain:ctest-SecurityLogging-62453854:4b97fc45-dd8e-437f-9f84-967a1e6388d3 vn = default-domain:ctest-SecurityLogging-62453854:ctest-vn-23374218 security_policy_rule = 00000000-0000-0000-0000-000000000001 remote_vn = default-domain:ctest-SecurityLogging-62453854:ctest-vn-72151247 is_client_session = 1 is_si = 0 vrouter_ip = 10.10.10.8 sess_agg_info= \[ \[ \[ local_ip = 194.124.216.3 service_port = 0 protocol = 1 ] \[ logged_forward_bytes = \d+ logged_forward_pkts = \d+ logged_reverse_bytes = \d+ logged_reverse_pkts = \d+ sessionMap= \[ \[ \[ ip = 76.27.77.3 port = \d+ ] \[ forward_flow_info= \[ logged_bytes = \d+ logged_pkts = \d+ flow_uuid = [0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} tcp_flags = 0 setup_time = \d+ action = pass sg_rule_uuid = 62452913-c895-4f02-a152-e4887090e3b4 nw_ace_uuid = c8717e49-fb90-436d-8fe8-d7d9e24d39b5 underlay_source_port = \d+ ] reverse_flow_info= \[ logged_bytes = \d+ logged_pkts = \d+ flow_uuid = [0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} tcp_flags = 0 setup_time = \d+ action = pass sg_rule_uuid = 62452913-c895-4f02-a152-e4887090e3b4 nw_ace_uuid = c8717e49-fb90-436d-8fe8-d7d9e24d39b5 underlay_source_port = \d+ ] vm = 576abcb9-087a-45da-bcbb-2dd960c80bca other_vrouter_ip = 10.10.10.9 underlay_proto = 2 ], ] ] ], ] ] ]"

session log seen in agent file:

[ vmi = default-domain:ctest-SecurityLogging-62453854:4b97fc45-dd8e-437f-9f84-967a1e6388d3 vn = default-domain:ctest-SecurityLogging-62453854:ctest-vn-23374218 ] security_policy_rule = 00000000-0000-0000-0000-000000000001 remote_vn = default-domain:ctest-SecurityLogging-62453854:ctest-vn-72151247 is_client_session = 1 is_si = 0 vrouter_ip = 10.10.10.8 local_ip = 194.124.216.3 service_port = 0 protocol = 1 logged_forward_bytes = 98 logged_forward_pkts = 1 logged_reverse_bytes = 84 ip = 76.27.77.3 port = 1672 forward_flow_info= [ logged_bytes = 98 logged_pkts = 1 flow_uuid = b232e21f-88a5-40f2-a7dc-aedb198c2b87 tcp_flags = 0 setup_time = 1539693126283710 action = pass sg_rule_uuid = 62452913-c895-4f02-a152-e4887090e3b4 nw_ace_uuid = c8717e49-fb90-436d-8fe8-d7d9e24d39b5 underlay_source_port = 59521 ] reverse_flow_info= [ logged_bytes = 84 logged_pkts = 1 flow_uuid = ab21ef37-89f8-4db0-a664-a3a6fc378daa tcp_flags = 0 setup_time = 1539693126283710 action = pass sg_rule_uuid = 62452913-c895-4f02-a152-e4887090e3b4 nw_ace_uuid = c8717e49-fb90-436d-8fe8-d7d9e24d39b5 underlay_source_port = 57159 ] vm = 576abcb9-087a-45da-bcbb-2dd960c80bca other_vrouter_ip = 10.10.10.9 underlay_proto = 2 ]

Tags: