NSX|V: Bug fixing for allowed address_pairs
Remove spoofguard mappings along with spoofguard on backend when network is set without port security. Change-Id: I03eac35ae0dfae1c716c54d972a2441c1d98f50a Signed-off-by: Michal Kelner Mishali <mkelnermishal@vmware.com>
This commit is contained in:
parent
01fa17cddc
commit
8f852c60f3
@ -683,6 +683,11 @@ def get_nsxv_spoofguard_policy_network_mappings(session, filters=None,
|
||||
filters, like_filters).all()
|
||||
|
||||
|
||||
def del_nsxv_spoofguard_binding(session, policy_id):
|
||||
return (session.query(nsxv_models.NsxvSpoofGuardPolicyNetworkMapping).
|
||||
filter_by(policy_id=policy_id).delete())
|
||||
|
||||
|
||||
def add_nsxv_lbaas_loadbalancer_binding(
|
||||
session, loadbalancer_id, edge_id, edge_fw_rule_id, vip_address):
|
||||
with session.begin(subtransactions=True):
|
||||
|
@ -1763,6 +1763,8 @@ class NsxVPluginV2(addr_pair_db.AllowedAddressPairsMixin,
|
||||
if sg_policy:
|
||||
try:
|
||||
self.nsx_v.vcns.delete_spoofguard_policy(sg_policy)
|
||||
nsxv_db.del_nsxv_spoofguard_binding(context.session,
|
||||
sg_policy)
|
||||
except Exception as e:
|
||||
LOG.error('Unable to delete spoofguard policy '
|
||||
'%(sg_policy)s. Error: %(e)s',
|
||||
|
Loading…
Reference in New Issue
Block a user