Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1385338 - [RFE] [Neutron] VLAN aware VMs (Neutron trunk ports) - full support
[RFE] [Neutron] VLAN aware VMs (Neutron trunk ports) - full support
Status: CLOSED ERRATA
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-neutron (Show other bugs)
10.0 (Newton)
Unspecified Unspecified
high Severity unspecified
: Upstream M3
: 11.0 (Ocata)
Assigned To: Jakub Libosvar
Alexander Stafeyev
: FutureFeature, Triaged
Depends On: 1435956 1444368 1448829
Blocks: 1336839 1421550 1431810 1452467
  Show dependency treegraph
 
Reported: 2016-10-16 06:54 EDT by Nir Yechiel
Modified: 2017-05-19 01:52 EDT (History)
14 users (show)

See Also:
Fixed In Version: openstack-neutron-10.0.0-0.20170121135214.4f70513.1.el7ost
Doc Type: Known Issue
Doc Text:
To implement the security groups trunk feature with neutron-openvswitch-agent, openvswitch firewall driver is required. This driver currently contains a bug 1444368 where ingress traffic is wrongly matched if there are two ports with same MAC address on different network segment on the same compute node. As a result, if a subport has the same MAC address as its parent port, ingress traffic won't be matched correctly for one of the ports. A workaround to achieve correctly handled traffic is to disable port-security on the parent port and subports. For example, to disable port security on port with UUID 12345, you need to remove security groups associated with the port: openstack port set --no-security-group --disable-port-security 12345 Note that no security groups rules will be applied to that port and traffic will not be filtered or protected against ip/mac/arp spoofing.
Story Points: ---
Clone Of:
: 1431810 1452467 (view as bug list)
Environment:
Last Closed: 2017-05-17 15:35:20 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Launchpad 1689300 None None None 2017-05-08 09:03 EDT
OpenStack gerrit 418867 None None None 2017-01-27 12:06 EST
Red Hat Product Errata RHEA-2017:1245 normal SHIPPED_LIVE Red Hat OpenStack Platform 11.0 Bug Fix and Enhancement Advisory 2017-05-17 19:01:50 EDT

  None (edit)
Description Nir Yechiel 2016-10-16 06:54:21 EDT 
Description of problem:

The VLAN aware VMs feature is shipped as technology preview with RHOSP 10 (see BZ 1281567). The plan is to graduate it to full support - with proper test coverage for both OVS and OVS-DPDK.
Comment 1 Nir Yechiel 2016-10-16 07:23:54 EDT 
Link to previous, RHOSP 10 BZ (tech preview offering): https://bugzilla.redhat.com/show_bug.cgi?id=1281567

Link to related OSP director BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1371842
Comment 8 Assaf Muller 2017-01-27 12:05:33 EST 
The RFE is only pending on the scenario test in patch 418867 and ensuring we have a QECI job set up for RHEL guests that runs the Neutron Tempest scenario tests. Therefor flipping to ON_QA.
Comment 10 Nir Yechiel 2017-01-30 08:10:17 EST 
A bug to make OVS firewall working with VLAN aware VMs feature doesn't have a fix in upstream yet. The relevant bug is: https://bugs.launchpad.net/neutron/+bug/1626010

In any case, note that the OVS firewall driver won't be fully supported before RHOSP 12 and is currently in tech preview.
Comment 24 errata-xmlrpc 2017-05-17 15:35:20 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1245
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.