cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kishan Kavala (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (CLOUDSTACK-2496) NTier: Even If one ACL item fails to get programmed on the VPC VR, all the remaining ACL items in the container fail to get programmed on the VPC VR
Date Wed, 15 May 2013 10:09:15 GMT

     [ https://issues.apache.org/jira/browse/CLOUDSTACK-2496?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Kishan Kavala reassigned CLOUDSTACK-2496:
-----------------------------------------

    Assignee: Kishan Kavala
    
> NTier: Even If one ACL item fails to get programmed on the VPC VR, all the remaining
ACL items in the container fail to get programmed on the VPC VR
> ----------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-2496
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2496
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Management Server
>    Affects Versions: 4.2.0
>            Reporter: Chandan Purushothama
>            Assignee: Kishan Kavala
>             Fix For: 4.2.0
>
>
> ===========
> Observations:
> ===========
> Multiple ACL Rules are stuck in "Add" state.
> mysql> select * from network_acl_item where state="Add";
> +----+--------------------------------------+--------+------------+----------+-------+----------+---------------------+-----------+-----------+--------------+------------------+--------+--------+
> | id | uuid                                 | acl_id | start_port | end_port | state
| protocol | created             | icmp_code | icmp_type | traffic_type | cidr           
 | number | action |
> +----+--------------------------------------+--------+------------+----------+-------+----------+---------------------+-----------+-----------+--------------+------------------+--------+--------+
> | 11 | 12b84275-d2d1-4845-80ee-02f9594338cf |      1 |         81 |       82 | Add  
| 51       | 2013-05-14 22:02:45 |      NULL |      NULL | Ingress      | 10.223.195.44/32
|      9 | Allow  |
> | 12 | 582d0151-9a01-4070-a231-5b53fe4b52cc |      1 |         82 |       83 | Add  
| 50       | 2013-05-14 22:08:53 |      NULL |      NULL | Ingress      | 10.223.195.44/32
|     10 | Allow  |
> | 13 | 28119c8a-6099-42ef-94cb-762471d77192 |      1 |         83 |       84 | Add  
| 47       | 2013-05-14 22:09:59 |      NULL |      NULL | Ingress      | 10.223.195.44/32
|     11 | Allow  |
> | 14 | b7e5a82b-a952-4e4c-b572-06758bc067f1 |      1 |         84 |       85 | Add  
| 40       | 2013-05-14 22:10:51 |      NULL |      NULL | Ingress      | 10.223.195.44/32
|     12 | Allow  |
> | 15 | 7abb418f-86c5-4786-9f0c-aab4fe84174b |      1 |         85 |       86 | Add  
| 132      | 2013-05-14 22:12:46 |      NULL |      NULL | Ingress      | 10.223.195.44/32
|     13 | Allow  |
> | 16 | 4366b81f-788d-424f-964a-45194a491354 |      1 |         86 |       87 | Add  
| 33       | 2013-05-14 22:13:10 |      NULL |      NULL | Ingress      | 10.223.195.44/32
|     14 | Allow  |
> | 17 | 24aba3f4-db6c-4f67-9c93-b2596201d5b6 |      1 |         99 |      100 | Add  
| 92       | 2013-05-14 22:16:36 |      NULL |      NULL | Ingress      | 10.223.195.44/32
|     15 | Allow  |
> +----+--------------------------------------+--------+------------+----------+-------+----------+---------------------+-----------+-----------+--------------+------------------+--------+--------+
> 7 rows in set (0.00 sec)
> On the VPC VR, On every ACL Rule creation, the programming fails during the first rule
and doesn't attempt to program the remaining ACL Rules on the VPC VR.
> May 14 14:03:49 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::6:56:67:10.223.131.170/32
> May 14 14:03:49 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:03:49 r-3-NTIER cloud: vpc_acl.sh: successful in applying fw rules for guest
network: 192.168.10.1/24
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::6:44:45:10.223.195.44/32
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: successful in applying fw rules for guest
network: 192.168.10.1/24
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::17:79:80:10.223.195.44/32
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: successful in applying fw rules for guest
network: 192.168.10.1/24
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::tcp:22:23:10.223.195.44/32
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: successful in applying fw rules for guest
network: 192.168.10.1/24
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::udp:23:24:10.223.195.44/32
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: successful in applying fw rules for guest
network: 192.168.10.1/24
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::all:0:0:0.0.0.0/0
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: successful in applying fw rules for guest
network: 192.168.10.1/24
> May 14 14:03:50 r-3-NTIER cloud: vpc_acl.sh: deleting backup for guest network: 192.168.10.1/24
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::6:80:81:10.223.131.170/32
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: successful in applying fw rules for guest
network: 192.168.10.1/24
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::51:81:82:10.223.195.44/32
> May 14 14:04:37 r-3-NTIER cloud: Error adding iptables entry for guest network : 192.168.10.1/24,inbound::51:81:82:10.223.195.44/32
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: failure to apply fw rules for guest network:
192.168.10.1/24
> May 14 14:04:37 r-3-NTIER cloud: vpc_acl.sh: restoring from backup for guest network:
192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::6:80:81:10.223.131.170/32
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: successful in applying fw rules for guest
network: 192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::50:82:83:10.223.195.44/32
> May 14 14:10:47 r-3-NTIER cloud: Error adding iptables entry for guest network : 192.168.10.1/24,inbound::50:82:83:10.223.195.44/32
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: failure to apply fw rules for guest network:
192.168.10.1/24
> May 14 14:10:47 r-3-NTIER cloud: vpc_acl.sh: restoring from backup for guest network:
192.168.10.1/24
> May 14 14:11:53 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::6:80:81:10.223.131.170/32
> May 14 14:11:53 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:11:53 r-3-NTIER cloud: vpc_acl.sh: successful in applying fw rules for guest
network: 192.168.10.1/24
> May 14 14:11:53 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::50:82:83:10.223.195.44/32
> May 14 14:11:53 r-3-NTIER cloud: Error adding iptables entry for guest network : 192.168.10.1/24,inbound::50:82:83:10.223.195.44/32
> May 14 14:11:53 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:11:53 r-3-NTIER cloud: vpc_acl.sh: failure to apply fw rules for guest network:
192.168.10.1/24
> May 14 14:11:53 r-3-NTIER cloud: vpc_acl.sh: restoring from backup for guest network:
192.168.10.1/24
> May 14 14:12:44 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::6:80:81:10.223.131.170/32
> May 14 14:12:44 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:12:44 r-3-NTIER cloud: vpc_acl.sh: successful in applying fw rules for guest
network: 192.168.10.1/24
> May 14 14:12:44 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::50:82:83:10.223.195.44/32
> May 14 14:12:44 r-3-NTIER cloud: Error adding iptables entry for guest network : 192.168.10.1/24,inbound::50:82:83:10.223.195.44/32
> May 14 14:12:44 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:12:44 r-3-NTIER cloud: vpc_acl.sh: failure to apply fw rules for guest network:
192.168.10.1/24
> May 14 14:12:44 r-3-NTIER cloud: vpc_acl.sh: restoring from backup for guest network:
192.168.10.1/24
> May 14 14:14:38 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::50:82:83:10.223.195.44/32
> May 14 14:14:38 r-3-NTIER cloud: Error adding iptables entry for guest network : 192.168.10.1/24,inbound::50:82:83:10.223.195.44/32
> May 14 14:14:38 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:14:38 r-3-NTIER cloud: vpc_acl.sh: failure to apply fw rules for guest network:
192.168.10.1/24
> May 14 14:14:38 r-3-NTIER cloud: vpc_acl.sh: restoring from backup for guest network:
192.168.10.1/24
> May 14 14:15:04 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::50:82:83:10.223.195.44/32
> May 14 14:15:04 r-3-NTIER cloud: Error adding iptables entry for guest network : 192.168.10.1/24,inbound::50:82:83:10.223.195.44/32
> May 14 14:15:04 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:15:04 r-3-NTIER cloud: vpc_acl.sh: failure to apply fw rules for guest network:
192.168.10.1/24
> May 14 14:15:04 r-3-NTIER cloud: vpc_acl.sh: restoring from backup for guest network:
192.168.10.1/24
> May 14 14:18:27 r-3-NTIER cloud: vpc_acl.sh: enter apply acl rules for guest network:
192.168.10.1/24, inbound::50:82:83:10.223.195.44/32
> May 14 14:18:27 r-3-NTIER cloud: Error adding iptables entry for guest network : 192.168.10.1/24,inbound::50:82:83:10.223.195.44/32
> May 14 14:18:27 r-3-NTIER cloud: vpc_acl.sh: exit apply acl rules for guest network :
192.168.10.1/24
> May 14 14:18:27 r-3-NTIER cloud: vpc_acl.sh: failure to apply fw rules for guest network:
192.168.10.1/24
> May 14 14:18:27 r-3-NTIER cloud: vpc_acl.sh: restoring from backup for guest network:
192.168.10.1/24

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message