Public bug reported: See mailing list thread started at http://lists.openstack.org/pipermail /openstack-discuss/2020-December/019442.html
Bug discovered during magnum testing in ussuri, where pods deployed on different nodes could not communicate with each other - it has been traced to incorrect OVN ACLs for this specific scenario: - neutron port with additional subnet added to allowed_address_pairs - security group created with a remote group set for both TCP and UDP, to allow traffic between subnet defined in allowed_address_pairs It resulted in TCP and UDP being dropped by OVN. ** Affects: neutron Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1908382 Title: [OVN] Missing OVN ACLs for security groups that utilize remote groups attached to ports with allowed_address_pairs Status in neutron: New Bug description: See mailing list thread started at http://lists.openstack.org/pipermail/openstack- discuss/2020-December/019442.html Bug discovered during magnum testing in ussuri, where pods deployed on different nodes could not communicate with each other - it has been traced to incorrect OVN ACLs for this specific scenario: - neutron port with additional subnet added to allowed_address_pairs - security group created with a remote group set for both TCP and UDP, to allow traffic between subnet defined in allowed_address_pairs It resulted in TCP and UDP being dropped by OVN. To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1908382/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp