[R2.0-Build 12]: ping to outside network not going thro with policy with service instance
| Affects | Status | Importance | Assigned to | Milestone | ||
|---|---|---|---|---|---|---|
| Juniper Openstack | Status tracked in Trunk | |||||
| R2.0 |
Fix Released
|
Critical
|
alok kumar | |||
| R2.1 |
New
|
Critical
|
alok kumar | |||
| Trunk |
New
|
Critical
|
alok kumar | |||
Bug Description
test scenarios:
- VN 'public' (10.204.220.192/29) and VN 'vnet1' (9.9.9.0/24) connected with policy(via transparent firewall)
- policy allows all traffic between these VNs
- route target(64512:20001) is added in vnet1. so default route(0.0.0.0/0) leaked in vnet1 and public, as expected
- now ping from public(
ping between public and vnet1 is working as expected.
Naveen has debugged the issue and found that VRF
default-
for target:64512:2000 grp list, please check snapshot attached.
setup info:
env.roledefs = {
'all': [host1,
'cfgm': [host1,
'openstack'
'control': [host2,host1],
'compute': [host3,host4],
'collector': [host2,host1],
'webui': [host1],
'database': [host1,
'build': [host_build],
}
env.hostnames = {
'all': ['nodec64', 'nodeg18', 'nodeh8', 'nodec11', 'nodec12']
}
| alok kumar (kalok) wrote | #1 |
| tags: | added: blocker |
| tags: |
added: config removed: vrouter |
| Nischal Sheth (nsheth) wrote | #2 |
| alok kumar (kalok) wrote | #3 |
| tags: | removed: contrail-control |
| information type: | Proprietary → Public |
| tags: | removed: blocker |
@Alok
I assume this is not a problem anymore with Build 22.