Example #1
0
 def create_ipsec_site_connection(self, context, ipsec_site_connection):
     ipsec_sitecon = ipsec_site_connection['ipsec_site_connection']
     dpd = ipsec_sitecon['dpd']
     ipsec_sitecon['dpd_action'] = dpd.get('action', 'hold')
     ipsec_sitecon['dpd_interval'] = dpd.get('interval', 30)
     ipsec_sitecon['dpd_timeout'] = dpd.get('timeout', 120)
     tenant_id = self._get_tenant_id_for_create(context, ipsec_sitecon)
     if ipsec_sitecon['dpd_timeout'] < ipsec_sitecon['dpd_interval']:
         raise vpnaas.IPsecSiteConnectionDpdIntervalValueError(
             attribute_a='dpd_timeout')
     with context.session.begin(subtransactions=True):
         #Check permissions
         self._get_resource(context,
                            VPNService,
                            ipsec_sitecon['vpnservice_id'])
         self._get_resource(context,
                            IKEPolicy,
                            ipsec_sitecon['ikepolicy_id'])
         self._get_resource(context,
                            IPsecPolicy,
                            ipsec_sitecon['ipsecpolicy_id'])
         ipsec_site_conn_db = IPsecSiteConnection(
             id=uuidutils.generate_uuid(),
             tenant_id=tenant_id,
             name=ipsec_sitecon['name'],
             description=ipsec_sitecon['description'],
             peer_address=ipsec_sitecon['peer_address'],
             peer_id=ipsec_sitecon['peer_id'],
             route_mode='static',
             mtu=ipsec_sitecon['mtu'],
             auth_mode='psk',
             psk=ipsec_sitecon['psk'],
             initiator=ipsec_sitecon['initiator'],
             dpd_action=ipsec_sitecon['dpd_action'],
             dpd_interval=ipsec_sitecon['dpd_interval'],
             dpd_timeout=ipsec_sitecon['dpd_timeout'],
             admin_state_up=ipsec_sitecon['admin_state_up'],
             status=constants.PENDING_CREATE,
             vpnservice_id=ipsec_sitecon['vpnservice_id'],
             ikepolicy_id=ipsec_sitecon['ikepolicy_id'],
             ipsecpolicy_id=ipsec_sitecon['ipsecpolicy_id']
         )
         context.session.add(ipsec_site_conn_db)
         for cidr in ipsec_sitecon['peer_cidrs']:
             peer_cidr_db = IPsecPeerCidr(
                 cidr=cidr,
                 ipsec_site_connection_id=ipsec_site_conn_db['id']
             )
             context.session.add(peer_cidr_db)
     return self._make_ipsec_site_connection_dict(ipsec_site_conn_db)
Example #2
0
 def _check_dpd(self, ipsec_sitecon):
     """Ensure that DPD timeout is greater than DPD interval."""
     if ipsec_sitecon['dpd_timeout'] <= ipsec_sitecon['dpd_interval']:
         raise vpnaas.IPsecSiteConnectionDpdIntervalValueError(
             attr='dpd_timeout')
Example #3
0
 def _check_dpd(self, ipsec_sitecon):
     if ipsec_sitecon['dpd_timeout'] <= ipsec_sitecon['dpd_interval']:
         raise vpnaas.IPsecSiteConnectionDpdIntervalValueError(
             attr='dpd_timeout')