settingsLogin | Registersettings

[Openstack] [Neutron] firewall_driver = openvswitch

0 votes

Setup:

Openstack version: Mitaka, OVS version: 2.60

I'm trying to set our firewall driver to be openvswitch based by modifying
these parameters:

vim /etc/neutron/plugins/ml2/openvswitch_agent.ini [securitygroup]

firewall_driver = openvswitch

After successfully restarting the Openvswitch service, I don't see the
flow's I would expect on br-int... After looking in
/var/log/neutron/openvswitch-agent.log, I see that it tries to add the
respective security-group flows, but can't:

ERROR neutron.agent.common.ovslib
[req-1ba2a804-69de-4d19-8acc-a1afa7bfe846 - - - - -] Unable to execute
['ovs-ofctl', 'add-flows', 'br-int', '-']. Exception: Exit code: 1; Stdin:
hard
timeout=0,idletimeout=0,priority=100,table=0,cookie=11220059674139377154,inport=8,actions=setfield:8->reg5,setfield:1->reg6,resubmit(,71)
hardtimeout=0,idletimeout=0,priority=90,table=0,dldst=fa:16:3e:c3:9a:2d,cookie=11220059674139377154,actions=setfield:8->reg5,set_field:1->reg6,resubmit(,81)
(many flows follow these)

Any idea why this might be happening?

Thanks in advance!


Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
asked Nov 2, 2016 in openstack by Sterdnot_Shaken (900 points)   2 4 10
...