[neutron] OpenvSwitch firewall sctp getting dropped

Jakub Libosvar jlibosva at redhat.com
Mon Jul 29 20:31:56 UTC 2019


On 29/07/2019 17:38, thuanlk at viettel.com.vn wrote:
> I have installed OpenStack Queens on CentOS 7 with OvS and I recently used
> the native openvswitch firewall to implement SecurityGroup. The native OvS
> firewall seems to work just fine with TCP/UDP traffic but it does not
> forward any SCTP traffic going to the VMs no matter how I change the
> security groups, but it runs if I disable port security completely or use
> the iptables_hybrid firewall driver. What do I have to do to allow SCTP packets
> to reach the VMs?
> 
> 
You need to load the kernel module for netfilter that supports SCTP.
Depending on the kernel you're using, it could be either compiled in or
compiled as a module. You can try to

 modprobe ip_conntrack_proto_sctp

to see if it fixes the issue for you.

Kuba
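
An added example, not part of the original message: a shell check that tells the two cases from the reply apart (SCTP conntrack compiled in versus built as a module) and reports whether the module is loaded. The module name `nf_conntrack_proto_sctp`, the config symbol `CONFIG_NF_CT_PROTO_SCTP` and the `/boot/config-*` path are assumptions; the sample inputs are constructed.

```shell
#!/bin/sh
# Added example. Reports whether SCTP connection tracking is usable on a host.
# Assumed names: nf_conntrack_proto_sctp (module) and CONFIG_NF_CT_PROTO_SCTP
# (config symbol); ip_conntrack_proto_sctp is the name used in the reply.

# sctp_ct_state MODULES_FILE CONFIG_FILE
#   MODULES_FILE: text in /proc/modules format
#   CONFIG_FILE:  kernel build config, e.g. /boot/config-$(uname -r)
# Prints one of: loaded | builtin | module-not-loaded | unavailable
sctp_ct_state() {
    modules_file=$1
    config_file=$2
    # A loaded module shows up as the first field of a /proc/modules line.
    if grep -Eq '^(nf|ip)_conntrack_proto_sctp ' "$modules_file" 2>/dev/null; then
        echo loaded
        return 0
    fi
    # Not loaded: the build config says whether there is anything to load.
    line=$(grep '^CONFIG_NF_CT_PROTO_SCTP=' "$config_file" 2>/dev/null || true)
    case $line in
        *=y) echo builtin ;;            # compiled in, nothing to modprobe
        *=m) echo module-not-loaded ;;  # modprobe is the missing step
        *)   echo unavailable ;;        # kernel built without SCTP conntrack
    esac
}

# Demonstration on constructed inputs (not captured from a real host).
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'openvswitch 114688 2 - Live 0x0000000000000000' \
        'nf_conntrack 133095 1 openvswitch, Live 0x0000000000000000' > "$d/modules"
    printf '%s\n' 'CONFIG_NF_CONNTRACK=m' 'CONFIG_NF_CT_PROTO_SCTP=m' > "$d/config"
    echo "before modprobe: $(sctp_ct_state "$d/modules" "$d/config")"
    printf '%s\n' 'nf_conntrack_proto_sctp 20480 0 - Live 0x0000000000000000' >> "$d/modules"
    echo "after modprobe:  $(sctp_ct_state "$d/modules" "$d/config")"
    rm -rf "$d"
}
demo
```

On a live compute node the call would be `sctp_ct_state /proc/modules "/boot/config-$(uname -r)"`; a result of `module-not-loaded` is the situation the reply's `modprobe` addresses.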



