cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sate...@apache.org
Subject [02/11] git commit: updated refs/heads/vmware-datamodel to 3201dbf
Date Sun, 05 May 2013 02:48:54 GMT
CLOUDSTACK-2320: On NetScaler RNAT rules are not getting created,
blocking public access to the VM's in basic zone using EIP.

Its required that both RNAT and INAT rules are required on the NetScaler
to provide public connectivity to user VM's in both in-bound and out-bound
directions. Currenely only INAT rule is added which permits inbound public
traffic to VM. This fix adds RNAT rule aswell, which ensures the outbound
public access from the user VM's


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/8b909668
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/8b909668
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/8b909668

Branch: refs/heads/vmware-datamodel
Commit: 8b909668fb5adc6c5c92cb9f00e9931555668123
Parents: a3a5862
Author: Murali Reddy <murali.reddy@citrix.com>
Authored: Fri May 3 16:06:43 2013 +0530
Committer: Murali Reddy <murali.reddy@citrix.com>
Committed: Fri May 3 16:06:43 2013 +0530

----------------------------------------------------------------------
 .../cloud/network/resource/NetscalerResource.java  |   44 +++++++++++++++
 1 files changed, 44 insertions(+), 0 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/8b909668/plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java
----------------------------------------------------------------------
diff --git a/plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java
b/plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java
index 677bc78..563cbd4 100644
--- a/plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java
+++ b/plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java
@@ -1618,7 +1618,9 @@ public class NetscalerResource implements ServerResource {
                 String srcIp = rule.getSrcIp();
                 String dstIP = rule.getDstIp();
                 String iNatRuleName = generateInatRuleName(srcIp, dstIP);
+                String rNatRuleName = generateRnatRuleName(srcIp, dstIP);
                 inat iNatRule = null;
+                rnat rnatRule = null;
 
                 if (!rule.revoked()) {
                     try {
@@ -1645,9 +1647,47 @@ public class NetscalerResource implements ServerResource {
                         }
                         s_logger.debug("Created Inat rule on the Netscaler device " + _ip
+ " to enable static NAT from " +  srcIp + " to " + dstIP);
                     }
+                    try {
+                        rnat[] rnatRules = rnat.get(_netscalerService);
+                        if (rnatRules != null) {
+                            for (rnat rantrule : rnatRules) {
+                                if (rantrule.get_network().equalsIgnoreCase(rNatRuleName))
{
+                                    rnatRule = rantrule;
+                                    break;
+                                }
+                            }
+                        }
+                    } catch (nitro_exception e) {
+                        throw e;
+                    }
+
+                    if (rnatRule == null) {
+                        rnatRule = new rnat();
+                        rnatRule.set_natip(srcIp);
+                        rnatRule.set_network(dstIP);
+                        rnatRule.set_netmask("255.255.255.255");
+                        try {
+                            apiCallResult = rnat.update(_netscalerService, rnatRule);
+                        } catch (nitro_exception e) {
+                            if (e.getErrorCode() != NitroError.NS_RESOURCE_EXISTS) {
+                                throw e;
+                            }
+                        }
+                        s_logger.debug("Created Rnat rule on the Netscaler device " + _ip
+ " to enable revese static NAT from " +  dstIP + " to " + srcIp);
+                    }
                 } else {
                     try {
                         inat.delete(_netscalerService, iNatRuleName);
+                        rnat[] rnatRules = rnat.get(_netscalerService);
+                        if (rnatRules != null) {
+                            for (rnat rantrule : rnatRules) {
+                                if (rantrule.get_network().equalsIgnoreCase(dstIP)) {
+                                    rnatRule = rantrule;
+                                    rnat.clear(_netscalerService, rnatRule);
+                                    break;
+                                }
+                            }
+                        }
                     } catch (nitro_exception e) {
                         if (e.getErrorCode() != NitroError.NS_RESOURCE_NOT_EXISTS) {
                             throw e;
@@ -3090,6 +3130,10 @@ public class NetscalerResource implements ServerResource {
         return genObjectName("Cloud-Inat", srcIp);
     }
 
+    private String generateRnatRuleName(String srcIp, String dstIP) {
+        return genObjectName("Cloud-Rnat", srcIp);
+    }
+
     private String generateNSVirtualServerName(String srcIp, long srcPort) {
         return genObjectName("Cloud-VirtualServer", srcIp, srcPort);
     }


Mime
View raw message