This bug has been idle for a long time. Moving to invalid. If comment #1 doesn't address this issue, please reopen with additional details.
Thanks ** Changed in: neutron Status: Incomplete => Invalid -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1669626 Title: When using openvswitch as the firewall driver, nf_conntrack_ipv4 and nf_conntrack_ipv6 kernel modules are needed Status in neutron: Invalid Bug description: VM's suddenly stopped being able to communicate out. Openstack version: Mitaka OVS version: 2.5.0 We use the Openvswitch firewall driver, and it had been working great. Then, randomly, all VM's running on our stack ceased to be able to communicate with anything. After looking into the flow construct on br-int, it was clear OVS was sending the traffic to a drop flow like this: cookie=0xa2b1b8107c6edcef, duration=8973.001s, table=72, n_packets=176, n_bytes=17248, idle_age=8797, priority=50,ct_state=+inv+trk actions=drop We checked logs on the Neutron server and others, but couldn't find any indication of why this was happening. Eventually we got some invaluable help that I would have never found on my own, which was, somehow we didn't have these modules loaded: nf_conntrack_ipv4 and nf_conntrack_ipv6 The second we loaded those modules, everything worked great. It was requested of me to report this as a bug per there being no mention of those kernel module requirements in relevant documentation. Such documentation would have saved us days of time. Thanks! To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1669626/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp