Ask Your Question

Openstack security group rules implemented ?

asked 2016-09-20 12:26:01 -0500

CloudEnthusiast gravatar image

Hello All,

Where actually the security group rules are implemented in OpenStack neutron ? How rules are implemented and applied to Openstack instances ? How to verify or confirm my defined security group rule is applied to an openstack instance ?

Please help me to understand these.

Thanks in advance for any kind of inputs, suggestions or pointers

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2016-09-24 05:11:12 -0500

Praveen N gravatar image


The Access & security group rules defined in OpenStack will be applied to instance's tap device attached to linux bridge(qbr) through iptables in the compute node where instance is hosted. That linux bridge will be linked(qvo) to OVS switch named br-int.

Also when the instance is migrated from one compute node to another compute node, the iptables for tap device are also moved to another compute node. ALso the port qvo will be transferred to OVS switch on new compute node.


edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2016-09-20 12:26:01 -0500

Seen: 252 times

Last updated: Sep 24 '16