This is the responsibility of the deployment tool. The iptables firewall driver only handles firewall rules for the VM ports.
On Fri, Sep 19, 2014 at 6:28 AM, Andreas Scheuring <scheu...@linux.vnet.ibm.com> wrote: > Hi > I just was playing around with various neutron-openvswitch-agent vxlan > configurations. The default port for vxlan traffic is 4789. I had > expected that when the neutron-openvswitch-agent reads the configured > vxlan port (or gets the default) it also would add an iptables rule to > allow incoming traffic via this port. But this did not happen. > > > Is it because such an iptables setup is to be considered as hypervisor > setup which is not done by openstack? Or should this be the job of the > firewall driver (in my case ovshybridiptablesfirewall driver)? > > Any thoughts on this? > > Thanks > > > -- > Andreas > (irc: scheuran) > > > > > _______________________________________________ > OpenStack-dev mailing list > OpenStackfirstname.lastname@example.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- Kevin Benton _______________________________________________ OpenStack-dev mailing list OpenStackemail@example.com http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev