You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2019/05/01 09:29:19 UTC

[GitHub] [cloudstack] richardlawley opened a new issue #3309: SRX Plugin Fails to Delete Static NAT Rules

richardlawley opened a new issue #3309: SRX Plugin Fails to Delete Static NAT Rules
URL: https://github.com/apache/cloudstack/issues/3309
 
 
   <!--
   Verify first that your issue/request is not already reported on GitHub.
   Also test if the latest release and master branch are affected too.
   Always add information AFTER of these HTML comments, but no need to delete the comments.
   -->
   
   ##### ISSUE TYPE
   <!-- Pick one below and delete the rest -->
    * Bug Report
   
   ##### COMPONENT NAME
   <!--
   Categorize the issue, e.g. API, VR, VPN, UI, etc.
   -->
   ~~~
   Juniper SRX Plugin
   ~~~
   
   ##### CLOUDSTACK VERSION
   <!--
   New line separated list of affected versions, commit ID for issues on master branch.
   -->
   
   ~~~
   4.11.2, master
   ~~~
   
   ##### CONFIGURATION
   <!--
   Information about the configuration if relevant, e.g. basic network, advanced networking, etc.  N/A otherwise
   -->
   SRX Network Zone
   
   ##### OS / ENVIRONMENT
   <!--
   Information about the environment if relevant, N/A otherwise
   -->
   n/a
   
   ##### SUMMARY
   <!-- Explain the problem/feature briefly -->
   The Juniper SRX plugin fails to delete static NAT rules.  Looking at the output in debug logs, it does the following:
   * Find public rule (untrust)
   * Delete public rule (untrust)
   * Find private rule (trust)  (reports "Didn't find load-success in response" in log, indicating problem) 
   * Delete public rule (untrust) again - should have deleted private rule
   
   I believe there are two problems - the first is [here](https://github.com/apache/cloudstack/blob/1d05fead49f5c856257a741b07122f5633d2e359/plugins/network-elements/juniper-srx/src/main/java/com/cloud/network/resource/JuniperSrxResource.java#L2075) where `case CHECK_PRIVATE_IF_EXISTS:` should be added to the same block as `case CHECK_IF_EXISTS:`.
   
   The second is [here](https://github.com/apache/cloudstack/blob/1d05fead49f5c856257a741b07122f5633d2e359/plugins/network-elements/juniper-srx/src/main/java/com/cloud/network/resource/JuniperSrxResource.java#L2081) where the `sendRequestAndCheckResponse` block should be moved inside the if block where the command is constructed.
   
   ##### STEPS TO REPRODUCE
   <!--
   For bugs, show exactly how to reproduce the problem, using a minimal test-case. Use Screenshots if accurate.
   
   For new features, show how the feature would be used.
   -->
   
   <!-- Paste example playbooks or commands between quotes below -->
   ~~~
   Enable SRX Plugin
   Create Network Offering using SRX
   Create Network using SRX
   Add Static NAT rule
   Delete Static NAT rule (fails)
   ~~~
   
   <!-- You can also paste gist.github.com links for larger files -->
   
   ##### EXPECTED RESULTS
   <!-- What did you expect to happen when running the steps above? -->
   
   ~~~
   Static NAT rules should be deleted from both trust and untrust
   ~~~
   [Full Log output from Job showing problem](https://pastebin.com/g2GYrkqq)
   
   ##### ACTUAL RESULTS
   <!-- What actually happened? -->
   
   <!-- Paste verbatim command output between quotes below -->
   ~~~
   ACS attempted to delete the untrust rule twice
   ~~~
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services