You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cloudstack.apache.org by "Koushik Das (JIRA)" <ji...@apache.org> on 2013/06/21 19:11:19 UTC

[jira] [Commented] (CLOUDSTACK-2803) Policy (DNAT,PF,ACL) containers from Cisco VNMC are not removed when Public IP is released from Cloudstack

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-2803?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13690481#comment-13690481 ] 

Koushik Das commented on CLOUDSTACK-2803:
-----------------------------------------

Policy container gets created for each public IP. All PF, NAT rules for a given IP belongs to the container for that IP. It is good to remove the container when the last rule gets removed but for that an additional query needs to be run everytime a rule is deleted to see if it is the last one. All containers gets cleaned up when the network is removed so not planning to fix the cleaning up of individual containers.
                
> Policy (DNAT,PF,ACL) containers from Cisco VNMC are not removed when Public IP is released from Cloudstack
> ----------------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-2803
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2803
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Network Controller, Network Devices
>    Affects Versions: 4.2.0
>            Reporter: Sailaja Mada
>            Assignee: Koushik Das
>            Priority: Minor
>             Fix For: 4.2.0
>
>
> Steps:
> 1. Configure Advanced Networking zone with VMWARE Nexus enabled cluster 
> 2. Add Cisco VNMC,ASA firewall devices 
> 3. Create Network offering with Cisco VNMC provider as (Source NAT, PF,Firewall,Static NAT ) 
> 4. Deploy Instance using this network
> 5. Acquire new public IP and configure Static NAT Rule .
> 6. Release IP 
> Observation:
> 1. Rules are removed from Cisco VNMC 
> 2. But Policy (DNAT,PF,ACL) containers from Cisco VNMC are not removed when Public IP is released from Cloudstack.   (Attached the snap)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira