<div dir="ltr">Security groups already use connection tracking. It's just done via a linux bridge right now because the versions of OVS shipped with most distros have no native conntrack support.</div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Nov 23, 2015 at 2:55 AM, Tapio Tallgren <span dir="ltr"><<a href="mailto:tapiotallgren@gmail.com" target="_blank">tapiotallgren@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi,<div><br></div><div>Sorry for the stupid question, but how will I use the connection tracking in security groups? Is there an extension to the Neutron API call "add security group rule" that allows for connection tracking, or this for FWaaS only?</div><span class="HOEnZb"><font color="#888888"><div><br></div><div>-Tapio</div></font></span></div><div class="HOEnZb"><div class="h5"><br><div class="gmail_quote"><div dir="ltr">On Mon, Nov 23, 2015 at 12:39 PM Fawad Khaliq <<a href="mailto:fawad@plumgrid.com" target="_blank">fawad@plumgrid.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Mon, Nov 23, 2015 at 3:08 PM, Jakub Libosvar <span dir="ltr"><<a href="mailto:jlibosva@redhat.com" target="_blank">jlibosva@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><span>On 11/22/2015 07:28 PM, Gal Sagie wrote:<br>
> Hi Fawad,<br>
><br>
> From what i could understand from Miguel Angel Ajo, someone is working<br>
> on this integration and it<br>
> is suppose to be delivered as part of Mitaka.<br>
> I don't remember the person name, Miguel will sure update shortly.<br>
><br>
> Gal.<br>
<br>
</span>Hi Fawad, Gal,<br>
<br>
I'm the person working on ovs firewall. There is reported an rfe bug [1]<br>
to tracking it.<br></blockquote><div> </div></div></div></div><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><div>Hi Kuba,</div><div><br></div><div>Great. We (Kuryr team) wanted insight into the plans for this support. Thanks for the note and link to the bug. I think we are all set to take the discussions further. </div></div></div></div><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><div> </div><div>Fawad</div></div></div></div><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<br>
Kuba<br>
<br>
[1] <a href="https://bugs.launchpad.net/neutron/+bug/1461000" rel="noreferrer" target="_blank">https://bugs.launchpad.net/neutron/+bug/1461000</a><br>
<span>><br>
> On Sun, Nov 22, 2015 at 7:05 PM, Fawad Khaliq <<a href="mailto:fawad@plumgrid.com" target="_blank">fawad@plumgrid.com</a><br>
</span><span>> <mailto:<a href="mailto:fawad@plumgrid.com" target="_blank">fawad@plumgrid.com</a>>> wrote:<br>
><br>
> Folks,<br>
><br>
> Is there a plan to add conntrack support to the security groups for<br>
> the OVS driver in Mitaka cycle?<br>
><br>
> My understanding is that it is being actively worked on for<br>
> networking-ovn but no concrete plan for support in the OVS Neutron<br>
> driver yet.<br>
><br>
> Thanks,<br>
> Fawad Khaliq<br>
><br>
><br>
> __________________________________________________________________________<br>
> OpenStack Development Mailing List (not for usage questions)<br>
> Unsubscribe:<br>
> <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
</span>> <<a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a>><br>
<div><div>> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
><br>
><br>
><br>
><br>
> --<br>
> Best Regards ,<br>
><br>
> The G.<br>
><br>
><br>
> __________________________________________________________________________<br>
> OpenStack Development Mailing List (not for usage questions)<br>
> Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
><br>
<br>
<br>
__________________________________________________________________________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
</div></div></blockquote></div></div></div>
__________________________________________________________________________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
</blockquote></div>
</div></div><br>__________________________________________________________________________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div>Kevin Benton</div></div>
</div>