Public bug reported: Linux Bridge iptables firewall does not work without "ipset". When "enable_ipset" config parameter is set to False, the LB iptables firewall raises the following exception: http://paste.openstack.org/show/804095/
Testing patch: https://review.opendev.org/c/openstack/neutron/+/783103 NOTE: this bug was found when testing the migration to "nft" from "iptables". "ipset" is not compatible with "nft" and the alternative to "ipset" implemented in native "nft" is not compatible with "iptables- nft" ("nft" using the "iptables" API, to make the transition easier). More info in: https://review.opendev.org/c/openstack/neutron/+/775413 ** Affects: neutron Importance: Undecided Assignee: Rodolfo Alonso (rodolfo-alonso-hernandez) Status: New ** Changed in: neutron Assignee: (unassigned) => Rodolfo Alonso (rodolfo-alonso-hernandez) -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1922127 Title: [LB] Linux Bridge iptables firewall does not work without "ipset" Status in neutron: New Bug description: Linux Bridge iptables firewall does not work without "ipset". When "enable_ipset" config parameter is set to False, the LB iptables firewall raises the following exception: http://paste.openstack.org/show/804095/ Testing patch: https://review.opendev.org/c/openstack/neutron/+/783103 NOTE: this bug was found when testing the migration to "nft" from "iptables". "ipset" is not compatible with "nft" and the alternative to "ipset" implemented in native "nft" is not compatible with "iptables-nft" ("nft" using the "iptables" API, to make the transition easier). More info in: https://review.opendev.org/c/openstack/neutron/+/775413 To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1922127/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
