Comment 11 for bug 1736972
Revision history for this message
| OpenContrail Admin (ci-admin-f) wrote A change has been merged | #11 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
demo site
(Get the code!)
Reviewed: https:/
Committed: http://
Submitter: Zuul (<email address hidden>)
Branch: R3.2
commit a4071328fbbf96f
Author: Sorin Toderica <email address hidden>
Date: Tue Dec 19 09:01:49 2017 -0500
If I install a software simple gateway (vgw) on a compute node and create in one virtual network 2 virtual machines, each of them with default security group and attach a floating IP to each of those 2 VMs I can ping by default the VM which runs on the compute node where the vgw was installed but cannot ping the VM which is runing on the second compute node.
The normal behavior should be that by default (as long as in the security default rule the ingress rule uses the default security group as "Address" instead of 0.0.0.0/0 the ping on floating IPs should not work.
Code needs to be added to treat the special case of the vgw interface - which is an interface of type INET and sub-type SIMPLE_GATEWAY. After these changes the security group rules will be respected for floating IPs on both compute nodes.
Change-Id: If8d43bfb7c580e
Closes-Bug: #1736972