Comment 14 for bug 1736972
Revision history for this message
| OpenContrail Admin (ci-admin-f) wrote A change has been merged | #14 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
demo site
(Get the code!)
Reviewed: https:/
Committed: http://
Submitter: Zuul v3 CI (<email address hidden>)
Branch: master
commit 9cec5ddfbf58ea4
Author: Nagendra E S <email address hidden>
Date: Fri Jul 6 10:44:17 2018 +0530
If I install a software simple gateway (vgw) on a compute
node and create in one virtual network 2 virtual machines,
each of them with default security group and attach a
floating IP to each of those 2 VMs I can ping by default
the VM which runs on the compute node where the vgw was
installed but cannot ping the VM which is runing on the
second compute node.
The normal behavior should be that by default (as long
as in the security default rule the ingress rule uses
the default security group as "Address" instead of
0.0.0.0/0 the ping on floating IPs should not work.
Code needs to be added to treat the special case of the
vgw interface - which is an interface of type INET and
sub-type SIMPLE_GATEWAY. After these changes the security
group rules will be respected for floating IPs on both
compute nodes.
Cherry-Pick from review:
https:/
Change-Id: If05f3b61471a95
Partial-Bug: #1736972