Use openstack to manage iptables

asked 2013-05-13 22:01:37 -0500

patrickvinas gravatar image

Using Openstack Grizzly, with Quantum + OVS.

Gaining access to my public network from within the running VMs requires some iptables rules be added manually, and the rules only seem to work if they come before some of the rules generated automatically. I can insert my rules into iptables and make everything work for a few minutes, but quantum seems to restore its own rules periodically, as well as whenever a new instance is launched (adding fixed->floating NAT mapping, etc). It's keeping my additions but re-ordering them to the end of the chains. Is there any way to change the order of the rules that quantum is generating?

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted

answered 2013-05-14 23:22:39 -0500

gongysh gravatar image

I think u can use different rule chains thank quantum's ones.

edit flag offensive delete link more

answered 2013-06-24 13:08:54 -0500

patrickvinas gravatar image

Never did manage to figure out this problem. Ended up switching to flat networking, now there's no need for NAT or any custom rules.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2013-05-13 22:01:37 -0500

Seen: 189 times

Last updated: Jun 24 '13