[jira] [Created] (CLOUDSTACK-9393) Wrong information returned for CheckS2SVpnConnectionsCommand when more than one S2S VPN connection exists between a VPC VR, to other VPC VR's

Fri, 27 May 2016 03:06:13 -0700 

Murali Reddy created CLOUDSTACK-9393:
----------------------------------------

             Summary: Wrong information returned for 
CheckS2SVpnConnectionsCommand when more than one S2S VPN connection exists 
between a VPC VR, to other VPC VR's
                 Key: CLOUDSTACK-9393
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9393
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Network Controller
    Affects Versions: 4.5.2
            Reporter: Murali Reddy


Its is observed that when there is more that one VPC VR connections originating 
or terminating from a VPC VR, status of CheckS2SVpnConnectionsCommand is not 
correct. For e.g, if there are 3 VPC A,B,C exists, with following s2s 
connections

A->B
B->A
A->C
C->A

I this case , VPC VR at site A, has two connections. In which case following 
error message are noticed.

========================================================
 2016-05-17 00:00:24,402 DEBUG [c.c.a.t.Request] (DirectAgent-411:ctx-8676f24f) 
Seq 231-106960491150353746: Processing:  { Ans: , MgmtId: 345050463794, via: 
231, Ver: v1, Flags: 110, [{"com.             
cloud.agent.api.CheckS2SVpnConnectionsAnswer":{"ipToConnected":{},"ipToDetail":{},"details":"whack:
 Pluto is not running (no 
\"/var/run/pluto/pluto.ctl\")\n130.185.66.25:11:ISAKMP SA NOT found          
but checking IPsec;IPsec SA not found;Site-to-site VPN have not 
connected&whack: Pluto is not running (no 
\"/var/run/pluto/pluto.ctl\")\n80.69.130.108:11:ISAKMP SA NOT found but 
checking IPsec;         IPsec SA not found;Site-to-site VPN have not 
connected&whack: Pluto is not running (no 
\"/var/run/pluto/pluto.ctl\")\n80.69.130.104:11:ISAKMP SA NOT found but 
checking IPsec;IPsec SA not found;         Site-to-site VPN have not 
connected&","result":true,"wait":0}}] }
     572 2016-05-17 00:00:24,402 DEBUG [c.c.a.t.Request] 
(RouterStatusMonitor-1:ctx-d689a0dd) Seq 231-106960491150353746: Received:  { 
Ans: , MgmtId: 345050463794, via: 231, Ver: v1, Flags: 110, {               
CheckS2SVpnConnectionsAnswer } }
     573 2016-05-17 00:00:24,402 DEBUG [c.c.a.m.AgentManagerImpl] 
(RouterStatusMonitor-1:ctx-d689a0dd) Details from executing class 
com.cloud.agent.api.CheckS2SVpnConnectionsCommand: whack: Pluto is             
not running (no "/var/run/pluto/pluto.ctl")
========================================================

Also on noticing state change, management server is expected to update the 
state in the DB. It is observed that state never gets updated in the DB and 
management server keeps raising alert and debug messages on every 
CheckRouterTask.

As seen in the below snip there is state change detected in CheckRouterTask, 
but never gets updated in the DB.
 
========================================================
2016-05-17 17:02:54,803 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-a25222f7) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected 
to Connected
2016-05-17 17:03:24,271 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-548194b9) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to 
Disconnected
2016-05-17 17:03:24,639 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-548194b9) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected 
to Connected
2016-05-17 17:03:54,174 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-fab8498a) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to 
Disconnected
2016-05-17 17:03:54,527 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-fab8498a) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected 
to Connected
2016-05-17 17:04:24,026 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-38c04ff4) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to 
Disconnected
2016-05-17 17:04:24,419 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-38c04ff4) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected 
to Connected
2016-05-17 17:04:54,060 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-67809600) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to 
Disconnected
2016-05-17 17:04:54,419 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-67809600) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected 
to Connected
2016-05-17 17:05:23,981 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-7c3107b2) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to 
Disconnected
2016-05-17 17:05:24,357 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-7c3107b2) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected 
to Connected
2016-05-17 17:05:54,422 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-17a7b2aa) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to 
Disconnected
2016-05-17 17:05:54,792 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-17a7b2aa) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected 
to Connected
2016-05-17 17:06:24,134 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-ade040c6) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to 
Disconnected
2016-05-17 17:06:24,510 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-ade040c6) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected 
to Connected
2016-05-17 17:06:53,996 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-20095156) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router b-8081-VM(id: 8081)  just switch from Connected to 
Disconnected
2016-05-17 17:06:54,427 INFO  [c.c.n.r.VirtualNetworkApplianceManagerImpl] 
(RouterStatusMonitor-1:ctx-20095156) Site-to-site Vpn Connection to 
VPN-80.69.130.108 on router r-8083-VM(id: 8083)  just switch from Disconnected 
to Connected
========================================================



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to