Return-Path: X-Original-To: apmail-cloudstack-commits-archive@www.apache.org Delivered-To: apmail-cloudstack-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 2694CF122 for ; Sun, 5 May 2013 02:48:55 +0000 (UTC) Received: (qmail 1850 invoked by uid 500); 5 May 2013 02:48:54 -0000 Delivered-To: apmail-cloudstack-commits-archive@cloudstack.apache.org Received: (qmail 1793 invoked by uid 500); 5 May 2013 02:48:54 -0000 Mailing-List: contact commits-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list commits@cloudstack.apache.org Received: (qmail 1702 invoked by uid 99); 5 May 2013 02:48:54 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 05 May 2013 02:48:54 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id EDB0F886F5D; Sun, 5 May 2013 02:48:53 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sateesh@apache.org To: commits@cloudstack.apache.org Date: Sun, 05 May 2013 02:48:54 -0000 Message-Id: <12413a4f6ce14bc68fc57a47ba2abc58@git.apache.org> In-Reply-To: <071906ae4c6544a6bb43d2385ee9b572@git.apache.org> References: <071906ae4c6544a6bb43d2385ee9b572@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [02/11] git commit: updated refs/heads/vmware-datamodel to 3201dbf CLOUDSTACK-2320: On NetScaler RNAT rules are not getting created, blocking public access to the VM's in basic zone using EIP. Its required that both RNAT and INAT rules are required on the NetScaler to provide public connectivity to user VM's in both in-bound and out-bound directions. Currenely only INAT rule is added which permits inbound public traffic to VM. This fix adds RNAT rule aswell, which ensures the outbound public access from the user VM's Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/8b909668 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/8b909668 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/8b909668 Branch: refs/heads/vmware-datamodel Commit: 8b909668fb5adc6c5c92cb9f00e9931555668123 Parents: a3a5862 Author: Murali Reddy Authored: Fri May 3 16:06:43 2013 +0530 Committer: Murali Reddy Committed: Fri May 3 16:06:43 2013 +0530 ---------------------------------------------------------------------- .../cloud/network/resource/NetscalerResource.java | 44 +++++++++++++++ 1 files changed, 44 insertions(+), 0 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/8b909668/plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java ---------------------------------------------------------------------- diff --git a/plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java b/plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java index 677bc78..563cbd4 100644 --- a/plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java +++ b/plugins/network-elements/netscaler/src/com/cloud/network/resource/NetscalerResource.java @@ -1618,7 +1618,9 @@ public class NetscalerResource implements ServerResource { String srcIp = rule.getSrcIp(); String dstIP = rule.getDstIp(); String iNatRuleName = generateInatRuleName(srcIp, dstIP); + String rNatRuleName = generateRnatRuleName(srcIp, dstIP); inat iNatRule = null; + rnat rnatRule = null; if (!rule.revoked()) { try { @@ -1645,9 +1647,47 @@ public class NetscalerResource implements ServerResource { } s_logger.debug("Created Inat rule on the Netscaler device " + _ip + " to enable static NAT from " + srcIp + " to " + dstIP); } + try { + rnat[] rnatRules = rnat.get(_netscalerService); + if (rnatRules != null) { + for (rnat rantrule : rnatRules) { + if (rantrule.get_network().equalsIgnoreCase(rNatRuleName)) { + rnatRule = rantrule; + break; + } + } + } + } catch (nitro_exception e) { + throw e; + } + + if (rnatRule == null) { + rnatRule = new rnat(); + rnatRule.set_natip(srcIp); + rnatRule.set_network(dstIP); + rnatRule.set_netmask("255.255.255.255"); + try { + apiCallResult = rnat.update(_netscalerService, rnatRule); + } catch (nitro_exception e) { + if (e.getErrorCode() != NitroError.NS_RESOURCE_EXISTS) { + throw e; + } + } + s_logger.debug("Created Rnat rule on the Netscaler device " + _ip + " to enable revese static NAT from " + dstIP + " to " + srcIp); + } } else { try { inat.delete(_netscalerService, iNatRuleName); + rnat[] rnatRules = rnat.get(_netscalerService); + if (rnatRules != null) { + for (rnat rantrule : rnatRules) { + if (rantrule.get_network().equalsIgnoreCase(dstIP)) { + rnatRule = rantrule; + rnat.clear(_netscalerService, rnatRule); + break; + } + } + } } catch (nitro_exception e) { if (e.getErrorCode() != NitroError.NS_RESOURCE_NOT_EXISTS) { throw e; @@ -3090,6 +3130,10 @@ public class NetscalerResource implements ServerResource { return genObjectName("Cloud-Inat", srcIp); } + private String generateRnatRuleName(String srcIp, String dstIP) { + return genObjectName("Cloud-Rnat", srcIp); + } + private String generateNSVirtualServerName(String srcIp, long srcPort) { return genObjectName("Cloud-VirtualServer", srcIp, srcPort); }