Hello, I have a setup of 4 VMs: one OpenStack node, one Contrail controller node and 2 Contrail compute nodes. Contrail version I am using is 3.2.4.0 version. All the 4 VMs use CentOS 7.2.
I have created 2 virtual networks, VN1 and VN2. I have also created 2 virtual machines, VM1 having an IP address from VN1 and VM2 having an IP address from VN2. By default, ping between VM1 and VM2 is not working since VNs in Contrail are isolated from one another. I have added a network policy : Protocol : ANY, Source VN1, Destination VN2, unidirectional (from VN1 to VN2 only), port: ANY. I added the policy to both VN1 and VN2 and ping is working. My questions are: 1. Is it normal that echo request (from ping) arrives at its destination since I have 2 virtual networks that are not connected via a router, but have a network policy? 2. Why does echo reply (from ping) arrive at its destination, since the network policy is unidirectional (from VN1 to VN2 only)? Thanks, Anda
_______________________________________________ Dev mailing list Dev@lists.opencontrail.org http://lists.opencontrail.org/mailman/listinfo/dev_lists.opencontrail.org
