Hi Josef,
We faced similar issue while working on vFW scenario. What we observed in our
case is that the iptables were having filtering rules due to which packets are
getting filtered.
We cleared the iptable rules on pg, fw, sink by using following commands:
#clear iptables
iptables -F
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
You can check iptables using "iptables -L -v" command.
Second possibility why packets are not flowing is the port security in your
openstack neutron configuration Is enable. Port security should be disable, you
will need admin rights for openstack.
Thanks,
Netaji Surve.
From: Avdhut Kholkar
Sent: Friday, June 30, 2017 10:31 AM
To: Netaji Surve <netaji.su...@amdocs.com>
Subject: FW: [onap-discuss] Is there a way to confirm correct spin-up of vFW
stack
Regards,
Avdhut Kholkar
From:
onap-discuss-boun...@lists.onap.org<mailto:onap-discuss-boun...@lists.onap.org>
[mailto:onap-discuss-boun...@lists.onap.org] On Behalf Of Josef Reisinger
Sent: Thursday, June 29, 2017 7:18 PM
To: onap-discuss
<onap-discuss@lists.onap.org<mailto:onap-discuss@lists.onap.org>>
Subject: [onap-discuss] Is there a way to confirm correct spin-up of vFW stack
I asked the following uestion below under
https://wiki.onap.org/questions/8227972/is-there-a-way-to-confirm-correct-spin-up-of-vfw-stack.
I have spun up a stack in Openstack Ocata containing the three VMs for the
firewall demo. I am able to connect to
http://<sink-ip>:667/<http://%3csink-ip%3e:667/> and can see some graphics. But
there is no traffic at all. I can see in pgn & fwl that there is some VPN setup
with vpp.. but I cannot see any real traffic on (un)protected_network.
I used
curl -X PUT -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type:
application/json" -H "Cache-Control: no-cache" -H "Postman-Token:
9005870c-900b-2e2e-0902-ef2009bb0ff7" -d '{"pg-streams":{"pg-stream":
[{"id":"fw_udp1", "is-enabled":"true"},{"id":"fw_udp2",
"is-enabled":"true"},{"id":"fw_udp3", "is-enabled":"true"},{"id":"fw_udp4",
"is-enabled":"true"},{"id":"fw_udp5", "is-enabled":"true"},{"id":"fw_udp6",
"is-enabled":"true"},{"id":"fw_udp7", "is-enabled":"true"},{"id":"fw_udp8",
"is-enabled":"true"},{"id":"fw_udp9", "is-enabled":"true"},{"id":"fw_udp10",
"is-enabled":"true"}]}}'
"http://localhost:8183/restconf/config/sample-plugin:sample-plugin/pg-streams";
to trigger some messages ... with no success. Is there any documentation
available which helps to understand what the vFW stack does?
Mit freundlichen Grüßen / Kind regards
Josef Reisinger
When wisdom comes to call, there's nobody listening at all - Pendragon / Man Of
Nomadic Traits
IBM Sales & Distribution, Communications Sector
Certified IT-Architect Telecommunications
IBM Certified Telecommunications Industry ITA
Lehrbeauftragter an der Hochschule Fresenius
IBM Deutschland
Godesberger Allee 127
53175 Bonn Beuel
Phone: +49 151 1426 4559
Mobile: +49-(0) 151 1426 4559
E-Mail: josef.reisin...@de.ibm.com<mailto:josef.reisin...@de.ibm.com>
This message and the information contained herein is proprietary and
confidential and subject to the Amdocs policy statement,
you may review at https://www.amdocs.com/about/email-disclaimer
<https://www.amdocs.com/about/email-disclaimer>
_______________________________________________
onap-discuss mailing list
onap-discuss@lists.onap.org
https://lists.onap.org/mailman/listinfo/onap-discuss
