You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Murali Reddy (JIRA)" <ji...@apache.org> on 2016/05/27 10:05:12 UTC

[jira] [Created] (CLOUDSTACK-9393) Wrong information returned for CheckS2SVpnConnectionsCommand when more than one S2S VPN connection exists between a VPC VR, to other VPC VR's

Murali Reddy created CLOUDSTACK-9393:
----------------------------------------

             Summary: Wrong information returned for CheckS2SVpnConnectionsCommand when more than one S2S VPN connection exists between a VPC VR, to other VPC VR's
                 Key: CLOUDSTACK-9393
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9393
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Network Controller
    Affects Versions: 4.5.2
            Reporter: Murali Reddy


Its is observed that when there is more that one VPC VR connections originating or terminating from a VPC VR, status of CheckS2SVpnConnectionsCommand is not correct. For e.g, if there are 3 VPC A,B,C exists, with following s2s connections

A->B
B->A
A->C
C->A

I this case , VPC VR at site A, has two connections. In which case following error message are noticed.

========================================================
 2016-05-17 00:00:24,402 DEBUG [c.c.a.t.Request] (DirectAgent-411:ctx-8676f24f) Seq 231-106960491150353746: Processing:  { Ans: , MgmtId: 345050463794, via: 231, Ver: v1, Flags: 110, [{"com.             cloud.agent.api.CheckS2SVpnConnectionsAnswer":{"ipToConnected":{},"ipToDetail":{},"details":"whack: Pluto is not running (no \"/var/run/pluto/pluto.ctl\")\n130.185.66.25:11:ISAKMP SA NOT found          but checking IPsec;IPsec SA not found;Site-to-site VPN have not connected&whack: Pluto is not running (no \"/var/run/pluto/pluto.ctl\")\n80.69.130.108:11:ISAKMP SA NOT found but checking IPsec;         IPsec SA not found;Site-to-site VPN have not connected&whack: Pluto is not running (no \"/var/run/pluto/pluto.ctl\")\n80.69.130.104:11:ISAKMP SA NOT found but checking IPsec;IPsec SA not found;         Site-to-site VPN have not connected&","result":true,"wait":0}}] }
     572 2016-05-17 00:00:24,402 DEBUG [c.c.a.t.Request] (RouterStatusMonitor-1:ctx-d689a0dd) Seq 231-106960491150353746: Received:  { Ans: , MgmtId: 345050463794, via: 231, Ver: v1, Flags: 110, {               CheckS2SVpnConnectionsAnswer } }
     573 2016-05-17 00:00:24,402 DEBUG [c.c.a.m.AgentManagerImpl] (RouterStatusMonitor-1:ctx-d689a0dd) Details from executing class com.cloud.agent.api.CheckS2SVpnConnectionsCommand: whack: Pluto is             not running (no "/var/run/pluto/pluto.ctl")
========================================================

Also on noticing state change, management server is expected to update the state in the DB. It is observed that state never gets updated in the DB and management server keeps raising alert and debug messages on every CheckRouterTask.

As seen in the below snip there is state change detected in CheckRouterTask, but never gets updated in the DB.
 
========================================================
2016-05-17 17:02:54,803 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-a25222f7) Site-to-site Vpn Connection to VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected to Connected
2016-05-17 17:03:24,271 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-548194b9) Site-to-site Vpn Connection to VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to Disconnected
2016-05-17 17:03:24,639 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-548194b9) Site-to-site Vpn Connection to VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected to Connected
2016-05-17 17:03:54,174 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-fab8498a) Site-to-site Vpn Connection to VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to Disconnected
2016-05-17 17:03:54,527 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-fab8498a) Site-to-site Vpn Connection to VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected to Connected
2016-05-17 17:04:24,026 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-38c04ff4) Site-to-site Vpn Connection to VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to Disconnected
2016-05-17 17:04:24,419 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-38c04ff4) Site-to-site Vpn Connection to VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected to Connected
2016-05-17 17:04:54,060 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-67809600) Site-to-site Vpn Connection to VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to Disconnected
2016-05-17 17:04:54,419 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-67809600) Site-to-site Vpn Connection to VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected to Connected
2016-05-17 17:05:23,981 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-7c3107b2) Site-to-site Vpn Connection to VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to Disconnected
2016-05-17 17:05:24,357 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-7c3107b2) Site-to-site Vpn Connection to VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected to Connected
2016-05-17 17:05:54,422 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-17a7b2aa) Site-to-site Vpn Connection to VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to Disconnected
2016-05-17 17:05:54,792 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-17a7b2aa) Site-to-site Vpn Connection to VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected to Connected
2016-05-17 17:06:24,134 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-ade040c6) Site-to-site Vpn Connection to VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to Disconnected
2016-05-17 17:06:24,510 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-ade040c6) Site-to-site Vpn Connection to VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected to Connected
2016-05-17 17:06:53,996 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-20095156) Site-to-site Vpn Connection to VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to Disconnected
2016-05-17 17:06:54,427 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] (RouterStatusMonitor-1:ctx-20095156) Site-to-site Vpn Connection to VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected to Connected
========================================================



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)