Fix unable to ping floating ip from internal_ip
The following patch adds a no-dnat rule so that an internal_ip can communicate with it's floatingip. Fixes bug: 1221419 Change-Id: I3899b01f316902d1139e47b153aadb7ecb1ff983
This commit is contained in:
Aaron Rosen
Gerrit Code Review
parent
3e564f8e03
commit
6b3a3599cf
@ -1726,6 +1726,16 @@ class NvpPluginV2(addr_pair_db.AllowedAddressPairsMixin,
|
||||
max_num_expected=1,
|
||||
min_num_expected=min_num_rules_expected,
|
||||
source_ip_addresses=internal_ip)
|
||||
|
||||
# Remove No-DNAT rule associated with the single fixed_ip
|
||||
# to floating ip
|
||||
nvplib.delete_nat_rules_by_match(
|
||||
self.cluster, router_id, "NoDestinationNatRule",
|
||||
max_num_expected=1,
|
||||
min_num_expected=min_num_rules_expected,
|
||||
source_ip_addresses=internal_ip,
|
||||
destination_ip_addresses=floating_ip_address)
|
||||
|
||||
except NvpApiClient.NvpApiException:
|
||||
LOG.exception(_("An error occurred while removing NAT rules "
|
||||
"on the NVP platform for floating ip:%s"),
|
||||
@ -1823,6 +1833,14 @@ class NvpPluginV2(addr_pair_db.AllowedAddressPairsMixin,
|
||||
self.cluster, router_id, floating_ip, floating_ip,
|
||||
order=NVP_FLOATINGIP_NAT_RULES_ORDER,
|
||||
match_criteria={'source_ip_addresses': internal_ip})
|
||||
# Add No-DNAT rule to allow fixed_ip to ping floatingip.
|
||||
nvplib.create_lrouter_nodnat_rule(
|
||||
self.cluster, router_id,
|
||||
order=NVP_FLOATINGIP_NAT_RULES_ORDER - 1,
|
||||
match_criteria={'source_ip_addresses': internal_ip,
|
||||
'destination_ip_addresses':
|
||||
floating_ip})
|
||||
|
||||
# Add Floating IP address to router_port
|
||||
nvplib.update_lrouter_port_ips(self.cluster,
|
||||
router_id,
|
||||
|
||||
@ -1105,6 +1105,11 @@ def create_lrouter_nosnat_rule_v2(cluster, _router_id, _match_criteria=None):
|
||||
"this version of the NVP platform"))
|
||||
|
||||
|
||||
def create_lrouter_nodnat_rule_v2(cluster, _router_id, _match_criteria=None):
|
||||
LOG.info(_("No DNAT rules cannot be applied as they are not available in "
|
||||
"this version of the NVP platform"))
|
||||
|
||||
|
||||
def create_lrouter_snat_rule_v2(cluster, router_id,
|
||||
min_src_ip, max_src_ip, match_criteria=None):
|
||||
|
||||
@ -1140,6 +1145,18 @@ def create_lrouter_nosnat_rule_v3(cluster, router_id, order=None,
|
||||
return _create_lrouter_nat_rule(cluster, router_id, nat_rule_obj)
|
||||
|
||||
|
||||
def create_lrouter_nodnat_rule_v3(cluster, router_id, order=None,
|
||||
match_criteria=None):
|
||||
nat_match_obj = _create_nat_match_obj(**match_criteria)
|
||||
nat_rule_obj = {
|
||||
"type": "NoDestinationNatRule",
|
||||
"match": nat_match_obj
|
||||
}
|
||||
if order:
|
||||
nat_rule_obj['order'] = order
|
||||
return _create_lrouter_nat_rule(cluster, router_id, nat_rule_obj)
|
||||
|
||||
|
||||
def create_lrouter_snat_rule_v3(cluster, router_id, min_src_ip, max_src_ip,
|
||||
order=None, match_criteria=None):
|
||||
nat_match_obj = _create_nat_match_obj(**match_criteria)
|
||||
@ -1180,6 +1197,11 @@ def create_lrouter_nosnat_rule(cluster, *args, **kwargs):
|
||||
pass
|
||||
|
||||
|
||||
@version_dependent
|
||||
def create_lrouter_nodnat_rule(cluster, *args, **kwargs):
|
||||
pass
|
||||
|
||||
|
||||
def delete_nat_rules_by_match(cluster, router_id, rule_type,
|
||||
max_num_expected,
|
||||
min_num_expected=0,
|
||||
@ -1267,6 +1289,9 @@ NVPLIB_FUNC_DICT = {
|
||||
'create_lrouter_nosnat_rule': {
|
||||
2: {DEFAULT: create_lrouter_nosnat_rule_v2, },
|
||||
3: {DEFAULT: create_lrouter_nosnat_rule_v3, }, },
|
||||
'create_lrouter_nodnat_rule': {
|
||||
2: {DEFAULT: create_lrouter_nodnat_rule_v2, },
|
||||
3: {DEFAULT: create_lrouter_nodnat_rule_v3, }, },
|
||||
'get_default_route_explicit_routing_lrouter': {
|
||||
3: {DEFAULT: get_default_route_explicit_routing_lrouter_v32,
|
||||
2: get_default_route_explicit_routing_lrouter_v32, }, },
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user