Merge "Local IP: use LOCAL_IP_TABLE for back flows if no OVS fw"
This commit is contained in:
commit
452a3093f6
neutron
@ -47,9 +47,7 @@ class LocalIPAgentExtension(l2_extension.L2AgentExtension):
|
|||||||
'currently uses %(driver_type)s',
|
'currently uses %(driver_type)s',
|
||||||
{'driver_type': driver_type})
|
{'driver_type': driver_type})
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
if (cfg.CONF.SECURITYGROUP.enable_security_group and
|
if self._is_ovs_firewall() and not cfg.CONF.LOCAL_IP.static_nat:
|
||||||
cfg.CONF.SECURITYGROUP.firewall_driver == 'openvswitch' and
|
|
||||||
not cfg.CONF.LOCAL_IP.static_nat):
|
|
||||||
LOG.error('In order to use Local IP extension together with '
|
LOG.error('In order to use Local IP extension together with '
|
||||||
'openvswitch firewall please set static_nat config to '
|
'openvswitch firewall please set static_nat config to '
|
||||||
'True')
|
'True')
|
||||||
@ -293,7 +291,10 @@ class LocalIPAgentExtension(l2_extension.L2AgentExtension):
|
|||||||
self._tcp_flow_match_specs(ofpp),
|
self._tcp_flow_match_specs(ofpp),
|
||||||
self._udp_flow_match_specs(ofpp)]:
|
self._udp_flow_match_specs(ofpp)]:
|
||||||
flow_specs = common_specs + specs
|
flow_specs = common_specs + specs
|
||||||
learn_table = ovs_constants.ACCEPTED_EGRESS_TRAFFIC_NORMAL_TABLE
|
learn_table = ovs_constants.LOCAL_IP_TABLE
|
||||||
|
if self._is_ovs_firewall():
|
||||||
|
learn_table = ovs_constants.\
|
||||||
|
ACCEPTED_EGRESS_TRAFFIC_NORMAL_TABLE
|
||||||
actions = [
|
actions = [
|
||||||
ofpp.OFPActionSetField(eth_dst=mac),
|
ofpp.OFPActionSetField(eth_dst=mac),
|
||||||
ofpp.NXActionLearn(
|
ofpp.NXActionLearn(
|
||||||
@ -354,3 +355,8 @@ class LocalIPAgentExtension(l2_extension.L2AgentExtension):
|
|||||||
n_bits=16)]
|
n_bits=16)]
|
||||||
match_kwargs = {'ip_proto': ip_proto.IPPROTO_UDP}
|
match_kwargs = {'ip_proto': ip_proto.IPPROTO_UDP}
|
||||||
return specs, match_kwargs
|
return specs, match_kwargs
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def _is_ovs_firewall():
|
||||||
|
return (cfg.CONF.SECURITYGROUP.enable_security_group and
|
||||||
|
cfg.CONF.SECURITYGROUP.firewall_driver == 'openvswitch')
|
||||||
|
@ -321,7 +321,7 @@ class LocalIPAgentExtensionTestCase(base.BaseTestCase):
|
|||||||
|
|
||||||
self.assertEqual(3, ofpp_mock.NXActionLearn.call_count)
|
self.assertEqual(3, ofpp_mock.NXActionLearn.call_count)
|
||||||
ofpp_mock.NXActionLearn.assert_called_with(
|
ofpp_mock.NXActionLearn.assert_called_with(
|
||||||
table_id=ovs_constants.ACCEPTED_EGRESS_TRAFFIC_NORMAL_TABLE,
|
table_id=ovs_constants.LOCAL_IP_TABLE,
|
||||||
cookie=mock.ANY, priority=20, idle_timeout=30,
|
cookie=mock.ANY, priority=20, idle_timeout=30,
|
||||||
hard_timeout=300, specs=mock.ANY)
|
hard_timeout=300, specs=mock.ANY)
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user