native ovs firewall sctp getting dropped

asked 2018-06-28 07:46:23 -0500

headamage gravatar image

I have a clean install of Openstack Pike on Ubuntu with OvS and I recently switched to the native openvswitch firewall to improve performance because with iptables_hybrid, the performance was quite poor. The native OvS firewall seems to work just fine with TCP/UDP traffic but it does not forward any SCTP traffic going to the VMs no matter how I change the security groups or even disable port security completely. I looked deeper into it the subject and found that there is a conntrack sctp module which I loaded to the kernel but it didn't seem to fix the problem. What do I have to do to allow SCTP packets to reach the VMs?

edit retag flag offensive close merge delete