[OVN] Set 'unknown' address properly when port sec is disabled
Previous to this patch, the 'unknown' address was added to the OVN Logical_Switch_Port row. However, the '<ip> <mac1> <macN>' was still there so the port security was not really disabled. The correct behavior is to set the 'addresses' field to 'unknown' and remove everything else. Change-Id: I0b84f41865e3fdea49cf169df5431249c35f5ff8 Closes-Bug: #1728886 Signed-off-by: Daniel Alvarez <dalvarez@redhat.com>
This commit is contained in:
parent
1a891b8eda
commit
03b87ad963
|
@ -426,7 +426,7 @@ class DBInconsistenciesPeriodics(object):
|
|||
type_ = port.type.strip()
|
||||
if not port.port_security:
|
||||
if not type_ and ovn_const.UNKNOWN_ADDR not in addresses:
|
||||
addresses.append(ovn_const.UNKNOWN_ADDR)
|
||||
addresses = [ovn_const.UNKNOWN_ADDR]
|
||||
elif type_ and ovn_const.UNKNOWN_ADDR in addresses:
|
||||
addresses.remove(ovn_const.UNKNOWN_ADDR)
|
||||
else:
|
||||
|
|
|
@ -261,7 +261,10 @@ class OVNClient(object):
|
|||
# OVN allows any mac address from a port if "unknown"
|
||||
# is added to the Logical_Switch_Port.addresses column.
|
||||
# So add it.
|
||||
addresses.append(ovn_const.UNKNOWN_ADDR)
|
||||
addresses = [ovn_const.UNKNOWN_ADDR]
|
||||
else:
|
||||
addresses = [address]
|
||||
addresses.extend(new_macs)
|
||||
|
||||
dhcpv4_options = self._get_port_dhcp_options(port, const.IP_VERSION_4)
|
||||
dhcpv6_options = self._get_port_dhcp_options(port, const.IP_VERSION_6)
|
||||
|
|
|
@ -405,8 +405,9 @@ class TestOVNMechanismDriver(test_plugin.Ml2PluginV2TestCase):
|
|||
self.assertEqual([],
|
||||
called_args_dict.get('port_security'))
|
||||
|
||||
self.assertEqual('unknown',
|
||||
called_args_dict.get('addresses')[1])
|
||||
self.assertEqual(1, len(called_args_dict.get('addresses')))
|
||||
self.assertEqual(ovn_const.UNKNOWN_ADDR,
|
||||
called_args_dict.get('addresses')[0])
|
||||
data = {'port': {'mac_address': '00:00:00:00:00:01'}}
|
||||
req = self.new_update_request(
|
||||
'ports',
|
||||
|
@ -418,9 +419,9 @@ class TestOVNMechanismDriver(test_plugin.Ml2PluginV2TestCase):
|
|||
).call_args_list[0][1])
|
||||
self.assertEqual([],
|
||||
called_args_dict.get('port_security'))
|
||||
self.assertEqual(2, len(called_args_dict.get('addresses')))
|
||||
self.assertEqual('unknown',
|
||||
called_args_dict.get('addresses')[1])
|
||||
self.assertEqual(1, len(called_args_dict.get('addresses')))
|
||||
self.assertEqual(ovn_const.UNKNOWN_ADDR,
|
||||
called_args_dict.get('addresses')[0])
|
||||
|
||||
# Enable port security
|
||||
data = {'port': {'port_security_enabled': 'True'}}
|
||||
|
@ -434,7 +435,7 @@ class TestOVNMechanismDriver(test_plugin.Ml2PluginV2TestCase):
|
|||
self.assertEqual(2,
|
||||
self.nb_ovn.set_lswitch_port.call_count)
|
||||
self.assertEqual(1, len(called_args_dict.get('addresses')))
|
||||
self.assertNotIn('unknown',
|
||||
self.assertNotIn(ovn_const.UNKNOWN_ADDR,
|
||||
called_args_dict.get('addresses'))
|
||||
|
||||
def test_create_port_security_allowed_address_pairs(self):
|
||||
|
|
Loading…
Reference in New Issue