Kill conntrackd state on HA routers FIP disassociation
Legacy routers kill conntrackd states on FIP disassociation, so that traffic to FIPs that have been disassociated is properly dropped. This is not the case with HA routers, and this patch changes that. Change-Id: Ic962c518ce33a4936d0f1655d60d308c5e776a9b Closes-Bug: #1505700
This commit is contained in:
parent
090fe71359
commit
e0eeadc97e
@ -257,6 +257,8 @@ class HaRouter(router.RouterInfo):
|
||||
|
||||
def remove_floating_ip(self, device, ip_cidr):
|
||||
self._remove_vip(ip_cidr)
|
||||
if self.ha_state == 'master' and device.addr.list():
|
||||
super(HaRouter, self).remove_floating_ip(device, ip_cidr)
|
||||
|
||||
def internal_network_updated(self, interface_name, ip_cidrs):
|
||||
self._clear_vips(interface_name)
|
||||
|
@ -431,11 +431,17 @@ class L3AgentTestCase(L3AgentTestFramework):
|
||||
def test_ha_router_lifecycle(self):
|
||||
self._router_lifecycle(enable_ha=True)
|
||||
|
||||
def test_conntrack_disassociate_fip(self):
|
||||
def test_conntrack_disassociate_fip_legacy_router(self):
|
||||
self._test_conntrack_disassociate_fip(ha=False)
|
||||
|
||||
def test_conntrack_disassociate_fip_ha_router(self):
|
||||
self._test_conntrack_disassociate_fip(ha=True)
|
||||
|
||||
def _test_conntrack_disassociate_fip(self, ha):
|
||||
'''Test that conntrack immediately drops stateful connection
|
||||
that uses floating IP once it's disassociated.
|
||||
'''
|
||||
router_info = self.generate_router_info(enable_ha=False)
|
||||
router_info = self.generate_router_info(enable_ha=ha)
|
||||
router = self.manage_router(self.agent, router_info)
|
||||
|
||||
port = net_helpers.get_free_namespace_port(l3_constants.PROTO_NAME_TCP,
|
||||
@ -462,6 +468,9 @@ class L3AgentTestCase(L3AgentTestFramework):
|
||||
self.assertEqual(
|
||||
n, len([line for line in out.strip().split('\n') if line]))
|
||||
|
||||
if ha:
|
||||
utils.wait_until_true(lambda: router.ha_state == 'master')
|
||||
|
||||
with self.assert_max_execution_time(100):
|
||||
assert_num_of_conntrack_rules(0)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user