NSX|V: Bug fixing for allowed address_pairs
Remove spoofguard mappings along with spoofguard on backend
when network is set without port security.
Change-Id: I03eac35ae0dfae1c716c54d972a2441c1d98f50a
Signed-off-by: Michal Kelner Mishali <mkelnermishal@vmware.com>
(cherry picked from commit 8f852c60f3
)
This commit is contained in:
parent
32de032928
commit
d96b6c6bf0
|
@ -684,6 +684,11 @@ def get_nsxv_spoofguard_policy_network_mappings(session, filters=None,
|
|||
filters, like_filters).all()
|
||||
|
||||
|
||||
def del_nsxv_spoofguard_binding(session, policy_id):
|
||||
return (session.query(nsxv_models.NsxvSpoofGuardPolicyNetworkMapping).
|
||||
filter_by(policy_id=policy_id).delete())
|
||||
|
||||
|
||||
def add_nsxv_lbaas_loadbalancer_binding(
|
||||
session, loadbalancer_id, edge_id, edge_fw_rule_id, vip_address):
|
||||
with session.begin(subtransactions=True):
|
||||
|
|
|
@ -1696,6 +1696,8 @@ class NsxVPluginV2(addr_pair_db.AllowedAddressPairsMixin,
|
|||
if sg_policy:
|
||||
try:
|
||||
self.nsx_v.vcns.delete_spoofguard_policy(sg_policy)
|
||||
nsxv_db.del_nsxv_spoofguard_binding(context.session,
|
||||
sg_policy)
|
||||
except Exception as e:
|
||||
LOG.error('Unable to delete spoofguard policy '
|
||||
'%(sg_policy)s. Error: %(e)s',
|
||||
|
|
Loading…
Reference in New Issue