Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1669123

Summary: disabling port security on a port with port security enabled does not disable security groups
Product: [oVirt] ovirt-provider-ovn Reporter: Miguel Duarte Barroso <mduarted>
Component: providerAssignee: Miguel Duarte Barroso <mduarted>
Status: CLOSED CURRENTRELEASE QA Contact: msheena
Severity: high Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: bugs, danken, dholler, mburman, mduarted, royoung
Target Milestone: ovirt-4.3.0Flags: rule-engine: ovirt-4.3+
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: v1.2.19 Doc Type: No Doc Update
Doc Text:
undefined
 Story Points: ---
Clone Of: Environment:
Last Closed: 2019-02-13 07:43:26 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Network RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1539829    

Description Miguel Duarte Barroso 2019-01-24 11:49:32 UTC 
Description of problem:
Disabling port security on a port having port security enabled does not disable the security group verification, which filters the communication between the VMs.

This 

Version-Release number of selected component (if applicable):
ovirt-provider-ovn-1.2.18-1

How reproducible:
always

Steps to Reproduce:
1. create 2 ports through the provider API, each having port_security_enabled=True
2. configure the guest connected to the port accordingly 
3. disable port security on each of the ports

Actual results:
Pinging one of the guests from the other does not work

Expected results:
Pinging one of the guests from the other works as expected

Additional information:
This bug is only triggered when disabling port security on a port, if the ports are created having port security disabled, the behavior is the expected.
Comment 1 Michael Burman 2019-01-30 14:04:20 UTC 
This should moved to ON_QA right?
Comment 2 Miguel Duarte Barroso 2019-01-30 17:10:27 UTC 
yes.
Comment 3 msheena 2019-02-03 13:31:13 UTC 
Verified on versions:
(Red Hat Virtualization Manager) 4.3.0.4-0.1.el7
ovirt-provider-ovn-1.2.19-1.el7ev.noarch
Comment 4 Sandro Bonazzola 2019-02-13 07:43:26 UTC 
This bugzilla is included in oVirt 4.3.0 release, published on February 4th 2019.

Since the problem described in this bug report should be
resolved in oVirt 4.3.0 release, it has been closed with a resolution of CURRENT RELEASE.

If the solution does not work for you, please open a new bug report.