You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by "Sheng Yang (JIRA)" <ji...@apache.org> on 2013/02/28 01:13:13 UTC

[jira] [Resolved] (CLOUDSTACK-1394) [F5-SRX-InlineMode] Failure in static nat configuration on SRX does not result in LB configuration error in CS during LB rule configuration

     [ https://issues.apache.org/jira/browse/CLOUDSTACK-1394?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sheng Yang resolved CLOUDSTACK-1394.
------------------------------------

    Resolution: Not A Problem

Please check the status of LB rule. It should still in Add state, which means it's not Active.

It's by design, and not inline mode related. We didn't revoke the fail LB rule in DB, but no vm would be associate with it.
                
> [F5-SRX-InlineMode] Failure in static nat configuration on SRX does not result in LB configuration error in CS during LB rule configuration
> -------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-1394
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1394
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Network Controller
>    Affects Versions: 4.1.0
>         Environment: Latest Build on ASF 4.1 :CloudStack-non-OSS-4.1-44-rhel6.3.tar.gz
>            Reporter: Sanjeev N
>            Assignee: Sheng Yang
>             Fix For: 4.1.0
>
>         Attachments: management-server.rar
>
>
> [F5-SRX-InlineMode] Failure in static nat configuration on SRX does not result in LB configuration error in CS during LB rule configuration
> Reproduction Method:
> =================
> 1. Create a NO using SRX for PF,Static NAT, Source Nat (Zone wide) and F5 for LB and rest of the services are provided by VR.
> 2. Add SRX device
> 3. Add F5 device is "Inline" mode and with "Shared" LB isolation mode
> 4. Add a user account.
> 5. Deploy few VMs using the above created NO.
> 6. Acquire Ip address.
> 7. Create a LB rule on this ipaddress.
> Test Result:
> =========
> LB rule creation dint give any configuration error even the static nat configuration on SRX failed.
> Observations:
> ==========
> On SRX static nat configuration with the acquired ip address was pre-existing before configuring LB rule. Hence the static nat rule configuration (which is part of LB rule configuration in inline mode) failed.
> However this dint result in any configuration error in LB configuration.
> LB rule was programmed in DB, even though it dint configured virtual server on F5.
> Static Nat failure message on SRX:
> 2013-02-26 10:26:52,207 DEBUG [network.resource.JuniperSrxResource] (DirectAgent-29:null) Checking response: <rpc-reply xmlns:junos="http://xml.juniper.net/junos/10.4R6/junos"><commit-results><load-success/><xnm:error xmlns="http://xml.juniper.net/xnm/1.1/xnm" xmlns:xnm="http://xml.juniper.net/xnm/1.1/xnm"><source-daemon>nsd</source-daemon><message>static nat rule 10-147-48-27-10-0-25-119 destination-address overlaps with static nat rule 10-147-48-27-10-0-112-113 destination-address</message></xnm:error><xnm:error xmlns="http://xml.juniper.net/xnm/1.1/xnm" xmlns:xnm="http://xml.juniper.net/xnm/1.1/xnm"><message>configuration check-out failed</message></xnm:error></commit-results></rpc-reply>
> 2013-02-26 10:26:52,207 ERROR [network.resource.JuniperSrxResource] (DirectAgent-29:null) Request failed due to: static nat rule 10-147-48-27-10-0-25-119 destination-address overlaps with static nat rule 10-147-48-27-10-0-112-113 destination-address
> 2013-02-26 10:26:52,208 ERROR [network.resource.JuniperSrxResource] (DirectAgent-29:null) com.cloud.utils.exception.ExecutionException: Failed to commit to global configuration.
> LB rule in DB:
> mysql> select * from load_balancing_rules;
> +----+------+-------------+--------------------+------------------+------------+
> | id | name | description | default_port_start | default_port_end | algorithm  |
> +----+------+-------------+--------------------+------------------+------------+
> |  3 | lb   | NULL        |                 80 |               80 | roundrobin |
> +----+------+-------------+--------------------+------------------+------------+
> 1 row in set (0.00 sec)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira