Open Stack

Sorry,

I managed to misplace my question into the existing thread.


On 9/26/14, 12:56 AM, Alexandre Levine wrote:
> Hi All,
>
> I'm looking for a way to set port_filter flag to False for port 
> binding. Is there a way to do this in IceHouse or in current Juno 
> code? I use devstack with the default ML2 plugin and configuration.
>
> According to this guide 
> (http://docs.openstack.org/api/openstack-network/2.0/content/binding_ext_ports.html) 
> it should be done via binding:profile but it gets only recorded in the 
> dictionary of binding:profile and doesn't get reflected in vif_details 
> as supposed to.
>
> I tried to find any code in Neutron that can potentially do this 
> transferring from incoming binding:profile into binding:vif_details 
> and found none.
>
> I'd be very grateful if anybody can point me in the right direction.
>
> And by the by the reason I'm trying to do this is because I want to 
> use one instance as NAT for another one in private subnet. As a result 
> of ping 8.8.8.8 from private instance to NAT instance the reply gets 
> Dropped by the security rule in iptables on TAP interface of NAT 
> instance because the source is different from the NAT instance IP. So 
> I suppose that port_filter is responsible for this behavior and will 
> remove this restriction in iptables.
>
> Best regards,
>   Alex Levine