Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Is it possible to move a port from one bridge to another?

Hello,

I'm having some trouble with my networking. I have the public network and a couple of tenant networks as well. I'm trying to implement some firewalling without FWaaS or security groups. I want a firewall appliance to do it all. So I'm firing up an instance of my firewall/router with one interface on the public and one on the first tenant network. I can set the interfaces and ping other devices. The problem is that I cannot ping anything on my public network as it doesn't know how to talk to it. Looking at my compute node I can see with "ip link show" that my public-facing interface is a tap device with a master of another port on the integration bridge. That port, on br-int, has no way to talk to the outside world since it doesn't link to anything on the br-ex bridge. How can I accomplish this? I know I could easily use an OpenStack router and set the gateway. This is not what I'm looking for. I want to use a different firewall/router solution. If I could somehow do "ovs-vsctl move-port port from_bridge to_bridge" that would be great. Any ideas? Thank you!

Is it possible to move a port from one bridge to another?

Hello,

I'm having some trouble with my networking. I have the public network and a couple of tenant networks as well. I'm trying to implement some firewalling without FWaaS or security groups. I want a firewall appliance to do it all. So I'm firing up an instance of my firewall/router with one interface on the public and one on the first tenant network. I can set the interfaces and ping other devices. The problem is that I cannot ping anything on my public network as it doesn't know how to talk to it. Looking at my compute compute/network node I can see with "ip link show" that my public-facing interface is a tap device with a master of another port on the integration bridge. That port, on br-int, has no way to talk to the outside world since it doesn't link to anything on the br-ex bridge. How can I accomplish this? I know I could easily use an OpenStack router and set the gateway. This is not what I'm looking for. I want to use a different firewall/router solution. If I could somehow do "ovs-vsctl move-port port from_bridge to_bridge" that would be great. Any ideas? Thank you!