Open vSwitch conntrack based firewall driver
This firewall requires OVS 2.5+ version supporting conntrack and kernel conntrack datapath support (kernel>=4.3). For more information, see https://github.com/openvswitch/ovs/blob/master/FAQ.md As part of this new entry points for current reference firewalls were added. Configuration: in openvswitch_agent.ini: - in securitygroup section set firewall_driver to openvswitch DocImpact Closes-bug: #1461000 Co-Authored-By: Miguel Angel Ajo Pelayo <mangelajo@redhat.com> Co-Authored-By: Amir Sadoughi <amir.sadoughi@rackspace.com> Change-Id: I13e5cda8b5f3a13a60b14d80e54f198f32d7a529
This commit is contained in:
parent
53c4f8ac57
commit
90e512386b
|
@ -147,6 +147,11 @@ neutron.interface_drivers =
|
|||
linuxbridge = neutron.agent.linux.interface:BridgeInterfaceDriver
|
||||
null = neutron.agent.linux.interface:NullDriver
|
||||
openvswitch = neutron.agent.linux.interface:OVSInterfaceDriver
|
||||
neutron.agent.firewall_drivers =
|
||||
noop = neutron.agent.firewall:NoopFirewallDriver
|
||||
iptables = neutron.agent.linux.iptables_firewall:IptablesFirewallDriver
|
||||
iptables_hybrid = neutron.agent.linux.iptables_firewall:OVSHybridIptablesFirewallDriver
|
||||
openvswitch = neutron.agent.linux.openvswitch_firewall:OVSFirewallDriver
|
||||
|
||||
[build_sphinx]
|
||||
all_files = 1
|
||||
|
|
Loading…
Reference in New Issue