Fix released and backported:
Master: https://review.opendev.org/c/openstack/neutron/+/766775
Victoria: https://review.opendev.org/c/openstack/neutron/+/767676
Ussuri: https://review.opendev.org/c/openstack/neutron/+/767677
Train: https://review.opendev.org/c/openstack/neutron/+/767678
** Changed in: neutron
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1907491
Title:
OVS conjunctive flows are not cleaned up after remote group member ips
deleted
Status in neutron:
Fix Released
Status in OpenStack Security Advisory:
Won't Fix
Bug description:
Running with the current Neutron master and OVS firewall agent in
devstack all-in-one, when creating a security group rule with a
remote-group for an active VM, the conjunctive flows that match the
remote-group's member IPs are created. But when deleting the remote-
group's member IPs(e.g: unset fixed-ips of the port associated with
the remote-group), the deleted IP's conjunctive flows are not cleaned
up in OVS.
Detailed steps to reproduce in devstack:
http://paste.openstack.org/show/800820/
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1907491/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
