NSX|V: Bug fixing for allowed address_pairs
Remove spoofguard mappings along with spoofguard on backend when network is set without port security. Change-Id: I03eac35ae0dfae1c716c54d972a2441c1d98f50a Signed-off-by: Michal Kelner Mishali <mkelnermishal@vmware.com>
This commit is contained in:
parent
01fa17cddc
commit
8f852c60f3
@ -683,6 +683,11 @@ def get_nsxv_spoofguard_policy_network_mappings(session, filters=None,
|
|||||||
filters, like_filters).all()
|
filters, like_filters).all()
|
||||||
|
|
||||||
|
|
||||||
|
def del_nsxv_spoofguard_binding(session, policy_id):
|
||||||
|
return (session.query(nsxv_models.NsxvSpoofGuardPolicyNetworkMapping).
|
||||||
|
filter_by(policy_id=policy_id).delete())
|
||||||
|
|
||||||
|
|
||||||
def add_nsxv_lbaas_loadbalancer_binding(
|
def add_nsxv_lbaas_loadbalancer_binding(
|
||||||
session, loadbalancer_id, edge_id, edge_fw_rule_id, vip_address):
|
session, loadbalancer_id, edge_id, edge_fw_rule_id, vip_address):
|
||||||
with session.begin(subtransactions=True):
|
with session.begin(subtransactions=True):
|
||||||
|
@ -1763,6 +1763,8 @@ class NsxVPluginV2(addr_pair_db.AllowedAddressPairsMixin,
|
|||||||
if sg_policy:
|
if sg_policy:
|
||||||
try:
|
try:
|
||||||
self.nsx_v.vcns.delete_spoofguard_policy(sg_policy)
|
self.nsx_v.vcns.delete_spoofguard_policy(sg_policy)
|
||||||
|
nsxv_db.del_nsxv_spoofguard_binding(context.session,
|
||||||
|
sg_policy)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
LOG.error('Unable to delete spoofguard policy '
|
LOG.error('Unable to delete spoofguard policy '
|
||||||
'%(sg_policy)s. Error: %(e)s',
|
'%(sg_policy)s. Error: %(e)s',
|
||||||
|
Loading…
Reference in New Issue
Block a user