I was just playing around with various neutron-openvswitch-agent vxlan
configurations. The default port for vxlan traffic is 4789. I had
expected that when the neutron-openvswitch-agent reads the configured
vxlan port (or gets the default) it would also add an iptables rule to
allow incoming traffic via this port. But this did not happen.

Is it because such an iptables setup is considered hypervisor setup,
which is not done by OpenStack? Or should this be the job of the
firewall driver (in my case the ovshybridiptablesfirewall driver)?

Any thoughts on this?


(irc: scheuran)

