Re: [Openstack] Need help on neutron network device!!

[Narasimhan, Vivekanandan]

Hi Sateesh/Koteswar,



I believe move from PENDING_STATE to active will happen only if atleast one 
router is created PLUS an interface is

added to that router.



Because only then the Firewall rules gets applied to that router interface (or 
namespace on the agent) and state of

that firewall will go to ACTIVE.



Please feel free to correct me, if am wrong.



--

Thanks,



Vivek





From: Sateesh Kolagani Kumar [mailto:sateesh_ku...@mindtree.com]
Sent: Thursday, April 03, 2014 12:56 AM
To: Kelam, Koteswara Rao; openstack@lists.openstack.org
Subject: Re: [Openstack] Need help on neutron network device!!



Hi,



Yes, done the same changes, need to look at logs why its showing as pending 
state.

BTW, I am using Havana ..





Thanks and Regards,



Sateesh Kolagani

Technical Architect, IMTS Consulting



Global village, RVCE post, Mysore road

Bangalore - 560 059, India



O  +91 33957782

M + 91 9620224522

E  sateesh_ku...@mindtree.com<mailto:sateesh_ku...@mindtree.com>



cid:image001.png@01CF1E71.E9C08600

Planned vacation: Apr23rd-Apr25th



From: Kelam, Koteswara Rao [mailto:koteswara.ke...@hp.com]
Sent: Thursday, April 3, 2014 1:20 PM
To: Sateesh Kolagani Kumar; openstack@lists.openstack.org
Subject: RE: Need help on neutron network device!!



Hi Sateesh,



I read your previous mail but I want to clearly say that modify neutron.conf in 
controller and network nodes and restart neutron-server and neutron-l3-agent 
respectively.

When you create a firewall, it will be in PENDING_STATE initially but later 
moves to ACTIVE. In b/w I am using icehouse-2. If you are still facing the 
issue, check the neutron log files for any errors.

sdn@koteswar-ice-osc:~$ neutron firewall-create test_policy

Created a new firewall:

+--------------------+--------------------------------------+

| Field              | Value                                |

+--------------------+--------------------------------------+

| admin_state_up     | True                                 |

| description        |                                      |

| firewall_policy_id | 94f03168-964c-46f3-85b5-297bc1428a98 |

| id                 | 0ad8224e-35af-4c71-bbf9-6afab29381f8 |

| name               |                                      |

| status             | PENDING_CREATE                       |

| tenant_id          | 2e3b38da3a8c41ba8feb3973ea88fae2     |

+--------------------+--------------------------------------+

sdn@koteswar-ice-osc:~$ neutron firewall-show 
0ad8224e-35af-4c71-bbf9-6afab29381f8

+--------------------+--------------------------------------+

| Field              | Value                                |

+--------------------+--------------------------------------+

| admin_state_up     | True                                 |

| description        |                                      |

| firewall_policy_id | 94f03168-964c-46f3-85b5-297bc1428a98 |

| id                 | 0ad8224e-35af-4c71-bbf9-6afab29381f8 |

| name               |                                      |

| status             | ACTIVE                               
|<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<Moved to ACTIVE state

| tenant_id          | 2e3b38da3a8c41ba8feb3973ea88fae2     |

+--------------------+--------------------------------------+



Regards,

Koteswar



From: Sateesh Kolagani Kumar [mailto:sateesh_ku...@mindtree.com]
Sent: Thursday, April 03, 2014 12:56 PM
To: Kelam, Koteswara Rao; 
openstack@lists.openstack.org<mailto:openstack@lists.openstack.org>
Subject: RE: Need help on neutron network device!!



Kotesh,



Thanks for the response, if you look at my trail mail, done the same but its 
not working showing as PENDING_CREATE tried to create through dashboard as well 
CMD still issue persists.



Router also presented.





Thanks and Regards,



Sateesh Kolagani



From: Kelam, Koteswara Rao [mailto:koteswara.ke...@hp.com]
Sent: Thursday, April 3, 2014 12:47 PM
To: Sateesh Kolagani Kumar; 
openstack@lists.openstack.org<mailto:openstack@lists.openstack.org>
Subject: RE: Need help on neutron network device!!



*         In the controller node, add the following line in neutron.conf and 
restart the neutron-server:



service_plugins = neutron.services.firewall.fwaas_plugin.FirewallPlugin



*         In the network node, neutron.conf, add the following and restart the 
neutron-l3-agent:



[fwaas]

driver = 
neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver

enabled = True

This worked for me.



Regards,

Koteswar



From: Sateesh Kolagani Kumar [mailto:sateesh_ku...@mindtree.com]
Sent: Saturday, March 29, 2014 11:23 AM
To: openstack@lists.openstack.org<mailto:openstack@lists.openstack.org>
Subject: [Openstack] Need help on neutron network device!!



Hi,



I have enabled firewall in neutron.conf at controller (where neutron server 
installed) and Neutron node(where agents are installed)..after I create a 
firewall in dashboard its showing as PENDING_CREATE State not showing as 
active, all basic networking is working fine (used GRE tunnel). The changes 
made in Controller and neutron node..



Controller:
service_plugins = neutron.services.firewall.fwaas_plugin.FirewallPlugin



Neutron Node:



[fwaas]
driver = 
neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
enabled = True



Is anything I am issuing here please suggest me.







Thanks and Regards,



Sateesh Kolagani



  _____


http://www.mindtree.com/email/disclaimer.html


_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack