Project

General

Profile

Bug #8858

IPsec VTI cleanup can accidentally remove valid interfaces

Added by Jim Pingle over 1 year ago. Updated over 1 year ago.

Status:
Resolved
Priority:
High
Assignee:
Category:
IPsec
Target version:
Start date:
08/31/2018
Due date:
% Done:

100%

Estimated time:
Affected Version:
2.4.4
Affected Architecture:
All

Description

Then code that cleans up deleted/disabled IPsec VTI interfaces can, with certain configurations, delete a valid interface that should still be active.

The complete list of interfaces is rebuilt inside the P1 loop and can re-add an interface that should be excluded from cleanup. Needs moved above the P1 loop, but after the initial VTI interface configuration.

Associated revisions

Revision 74e45438 (diff)
Added by Jim Pingle over 1 year ago

Move IPsec VTI interface cleanup list. Fixes #8858

Generate the cleanup list before the P1 loop but after the initial
interface configuration.

History

#1 Updated by Jim Pingle over 1 year ago

  • Status changed from New to In Progress

#2 Updated by Jim Pingle over 1 year ago

  • Status changed from In Progress to Feedback
  • % Done changed from 0 to 100

#3 Updated by Jim Pingle over 1 year ago

  • Status changed from Feedback to Resolved

Can't reproduce on RC snap on the same box where it happened previously. Looks good.

Also available in: Atom PDF