[jira] [Commented] (CLOUDSTACK-7124) Failed to apply site-to-site VPN using Site2SiteVpnCfgCommand

ASF subversion and git services (JIRA) Fri, 25 Jul 2014 16:58:23 -0700

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-7124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14075149#comment-14075149
 ]


ASF subversion and git services commented on CLOUDSTACK-7124:
-------------------------------------------------------------

Commit abc0b40acb5d1b5b87362b4737605249525455dc in cloudstack's branch 
refs/heads/master from [~yasker]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=abc0b40 ]

CLOUDSTACK-7124: Fix semicolon caused VPN programming issue on Xen


> Failed to apply site-to-site VPN using Site2SiteVpnCfgCommand
> -------------------------------------------------------------
>
>                 Key: CLOUDSTACK-7124
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-7124
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Management Server, Test
>    Affects Versions: 4.5.0
>            Reporter: Chandan Purushothama
>            Assignee: Sheng Yang
>            Priority: Critical
>             Fix For: 4.5.0
>
>
> ====================
> Management Server Log:
> ====================
> 2014-07-17 14:20:29,540 WARN  [o.a.c.f.j.AsyncJobExecutionContext] 
> (StatsCollector-3:ctx-d1bbb5cd) Job is executed without a context, setup 
> psudo job for the executing thread
> 2014-07-17 14:20:29,594 DEBUG [c.c.a.t.Request] 
> (StatsCollector-3:ctx-d1bbb5cd) Seq 4-2465720795985346640: Received:  { Ans: 
> , MgmtId: 200888983222606, via: 4, Ver: v1, Flags: 10, { 
> GetStorageStatsAnswer } }
> 2014-07-17 14:20:29,597 DEBUG [c.c.a.m.DirectAgentAttache] 
> (DirectAgent-157:ctx-a2223711) Seq 1-6784391363656943196: Executing request
> 2014-07-17 14:20:30,095 DEBUG [c.c.a.m.DirectAgentAttache] 
> (DirectAgent-157:ctx-a2223711) Seq 1-6784391363656943196: Response Received: 
> 2014-07-17 14:20:30,096 DEBUG [c.c.a.t.Request] 
> (StatsCollector-3:ctx-d1bbb5cd) Seq 1-6784391363656943196: Received:  { Ans: 
> , MgmtId: 200888983222606, via: 1, Ver: v1, Flags: 10, { 
> GetStorageStatsAnswer } }
> 2014-07-17 14:20:31,380 ERROR [c.c.u.s.SshHelper] 
> (DirectAgent-156:ctx-8941a517) SSH execution of command 
> /opt/cloud/bin/router_proxy.sh ipsectunnel.sh 169.254.0.19 -A -l 
> 10.220.166.68 -n 10.2.1.0/24 -g 10.220.160.1 -r 10.220.166.67 -N 10.1.1.0/24 
> -e "3des-md5;modp1536" -i "3des-md5;modp1536" -t 86400 -T 3600 -s "ipsecpsk" 
> -d 0 -p  has an error status code in return. result output:     inet 
> 10.220.166.68/20 brd 10.220.175.255 scope global eth1
> iptables: No chain/target/match by that name.
> iptables: No chain/target/match by that name.
> iptables: No chain/target/match by that name.
> iptables: No chain/target/match by that name.
> 021 no connection named "vpn-10.220.166.67"
> 000 terminating all conns with alias='vpn-10.220.166.67' 
> 021 no connection named "vpn-10.220.166.67"
> 021 no connection named "vpn-10.220.166.67"
> 003 no secrets filename matched "/etc/ipsec.d/ipsec.*.secrets"
> iptables: Bad rule (does a matching rule exist in that chain?).
> iptables: Bad rule (does a matching rule exist in that chain?).
> iptables: Bad rule (does a matching rule exist in that chain?).
> iptables: Bad rule (does a matching rule exist in that chain?).
> /opt/cloud/bin/ipsectunnel.sh: line 165: [: -ne: unary operator expected
> can not load config '/etc/ipsec.conf': 
> /etc/ipsec.d/ipsec.vpn-10.220.166.67.conf:12: bad duration value salifetime=s 
> [s]
> 000 initiating all conns with alias='vpn-10.220.166.67' 
> 021 no connection named "vpn-10.220.166.67"
> ISAKMP SA NOT found but checking IPsec;IPsec SA not found;Site-to-site VPN 
> have not connected
> ISAKMP SA NOT found but checking IPsec;IPsec SA not found;Site-to-site VPN 
> have not connected
> ISAKMP SA NOT found but checking IPsec;IPsec SA not found;Site-to-site VPN 
> have not connected
> ISAKMP SA NOT found but checking IPsec;IPsec SA not found;Site-to-site VPN 
> have not connected
> ISAKMP SA NOT found but checking IPsec;IPsec SA not found;Site-to-site VPN 
> have not connected
> 021 no connection named "vpn-10.220.166.67"
> 000 terminating all conns with alias='vpn-10.220.166.67' 
> 021 no connection named "vpn-10.220.166.67"
> 021 no connection named "vpn-10.220.166.67"
> 003 no secrets filename matched "/etc/ipsec.d/ipsec.*.secrets"
> bash: modp1536: command not found
> bash: modp1536: command not found
> 2014-07-17 14:20:31,381 DEBUG [c.c.a.m.DirectAgentAttache] 
> (DirectAgent-156:ctx-8941a517) Seq 1-6784391363656943194: Response Received: 
> 2014-07-17 14:20:31,381 DEBUG [c.c.a.t.Request] 
> (DirectAgent-156:ctx-8941a517) Seq 1-6784391363656943194: Processing:  { Ans: 
> , MgmtId: 200888983222606, via: 1, Ver: v1, Flags: 100, 
> [{"com.cloud.agent.api.Answer":{"result":false,"details":"    inet 
> 10.220.166.68/20 brd 10.220.175.255 scope global eth1\niptables: No 
> chain/target/match by that name.\niptables: No chain/target/match by that 
> name.\niptables: No chain/target/match by that name.\niptables: No 
> chain/target/match by that name.\n021 no connection named 
> \"vpn-10.220.166.67\"\n000 terminating all conns with 
> alias='vpn-10.220.166.67' \n021 no connection named 
> \"vpn-10.220.166.67\"\n021 no connection named \"vpn-10.220.166.67\"\n003 no 
> secrets filename matched \"/etc/ipsec.d/ipsec.*.secrets\"\niptables: Bad rule 
> (does a matching rule exist in that chain?).\niptables: Bad rule (does a 
> matching rule exist in that chain?).\niptables: Bad rule (does a matching 
> rule exist in that chain?).\niptables: Bad rule (does a matching rule exist 
> in that chain?).\n/opt/cloud/bin/ipsectunnel.sh: line 165: [: -ne: unary 
> operator expected\ncan not load config '/etc/ipsec.conf': 
> /etc/ipsec.d/ipsec.vpn-10.220.166.67.conf:12: bad duration value salifetime=s 
> [s]\n000 initiating all conns with alias='vpn-10.220.166.67' \n021 no 
> connection named \"vpn-10.220.166.67\"\nISAKMP SA NOT found but checking 
> IPsec;IPsec SA not found;Site-to-site VPN have not connected\nISAKMP SA NOT 
> found but checking IPsec;IPsec SA not found;Site-to-site VPN have not 
> connected\nISAKMP SA NOT found but checking IPsec;IPsec SA not 
> found;Site-to-site VPN have not connected\nISAKMP SA NOT found but checking 
> IPsec;IPsec SA not found;Site-to-site VPN have not connected\nISAKMP SA NOT 
> found but checking IPsec;IPsec SA not found;Site-to-site VPN have not 
> connected\n021 no connection named \"vpn-10.220.166.67\"\n000 terminating all 
> conns with alias='vpn-10.220.166.67' \n021 no connection named 
> \"vpn-10.220.166.67\"\n021 no connection named \"vpn-10.220.166.67\"\n003 no 
> secrets filename matched \"/etc/ipsec.d/ipsec.*.secrets\"\nbash: modp1536: 
> command not found\nbash: modp1536: command not found\n","wait":0}}] }
> 2014-07-17 14:20:31,382 DEBUG [c.c.a.m.AgentAttache] 
> (DirectAgent-156:ctx-8941a517) Seq 1-6784391363656943194: No more commands 
> found
> 2014-07-17 14:20:31,382 DEBUG [c.c.a.t.Request] 
> (API-Job-Executor-62:ctx-d5acf6d1 job-612 ctx-d1963fd8) Seq 
> 1-6784391363656943194: Received:  { Ans: , MgmtId: 200888983222606, via: 1, 
> Ver: v1, Flags: 100, { Answer } }
> 2014-07-17 14:20:31,401 WARN  [o.a.c.a.c.u.v.CreateVpnConnectionCmd] 
> (API-Job-Executor-62:ctx-d5acf6d1 job-612 ctx-d1963fd8) Exception: 
> com.cloud.exception.ResourceUnavailableException: Resource 
> [Site2SiteVpnConnection:1] is unreachable: Failed to apply site-to-site VPN
>       at 
> com.cloud.network.vpn.Site2SiteVpnManagerImpl.startVpnConnection(Site2SiteVpnManagerImpl.java:345)
>       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>       at 
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>       at 
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>       at java.lang.reflect.Method.invoke(Method.java:601)
>       at 
> org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
>       at 
> org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
>       at 
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
>       at 
> org.apache.cloudstack.network.contrail.management.EventUtils$EventInterceptor.invoke(EventUtils.java:106)
>       at 
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161)
>       at 
> com.cloud.event.ActionEventInterceptor.invoke(ActionEventInterceptor.java:51)
>       at 
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:161)
>       at 
> org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91)
>       at 
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
>       at 
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
>       at $Proxy159.startVpnConnection(Unknown Source)
>       at 
> org.apache.cloudstack.api.command.user.vpn.CreateVpnConnectionCmd.execute(CreateVpnConnectionCmd.java:149)
>       at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:141)
>       at 
> com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java:108)
>       at 
> org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.runInContext(AsyncJobManagerImpl.java:507)
>       at 
> org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(ManagedContextRunnable.java:49)
>       at 
> org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(DefaultManagedContext.java:56)
>       at 
> org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithContext(DefaultManagedContext.java:103)
>       at 
> org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithContext(DefaultManagedContext.java:53)
>       at 
> org.apache.cloudstack.managed.context.ManagedContextRunnable.run(ManagedContextRunnable.java:46)
>       at 
> org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(AsyncJobManagerImpl.java:464)
>       at 
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>       at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
>       at java.util.concurrent.FutureTask.run(FutureTask.java:166)
>       at 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
>       at 
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
>       at java.lang.Thread.run(Thread.java:722)
> 2014-07-17 14:20:31,403 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl] 
> (API-Job-Executor-62:ctx-d5acf6d1 job-612) Complete async job-612, jobStatus: 
> FAILED, resultCode: 530, result: 
> org.apache.cloudstack.api.response.ExceptionResponse/null/{"uuidList":[],"errorcode":534,"errortext":"Resource
>  [Site2SiteVpnConnection:1] is unreachable: Failed to apply site-to-site VPN"}
> 2014-07-17 14:20:31,408 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl] 
> (API-Job-Executor-62:ctx-d5acf6d1 job-612) Done executing 
> org.apache.cloudstack.api.command.user.vpn.CreateVpnConnectionCmd for job-612



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Commented] (CLOUDSTACK-7124) Failed to apply site-to-site VPN using Site2SiteVpnCfgCommand

Reply via email to