[Openstack-operators] How Do I allow IP protocols other than TCP, UDP, or ICMP (such as GRE)through my security group?

Aaron Rosen arosen at nicira.com
Thu Aug 15 20:16:04 UTC 2013


Hi,

The following patch added support for this in early H1
https://review.openstack.org/#/c/32050/ . This will cherry-pick to
stable/grizzly without any conflict if you want to backport it for your
deployment.

Aaron


On Wed, Aug 14, 2013 at 9:10 AM, Steven Barnabas
<sbarnabas at frontporch.com>wrote:

>  I am using GRE.
>
>  GRE packets which are encapsulated within IP will use IP protocol type
> 47.
>
>  This is neither TCP nor UDP.
>
>
>
>  Steven Barnabas
> Network Engineer
> Front Porch, Inc.
> 209-288-5580
> 209-652-7733 mobile
> www.frontporch.com
>
>
>
>  On Aug 13, 2013, at 2:58 PM, Adam Young <ayoung at redhat.com> wrote:
>
>  On 08/13/2013 04:51 PM, Steven Barnabas wrote:
>
>  I have a basic Grizzly installation following these instructions.
> https://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/blob/OVS_SingleNode/OpenStack_Grizzly_Install_Guide.rst
>
> Everything is working great, however....
>
> I am trying to send some traffic via a gre tunnel to an IP address of an
> interface on my instance. This traffic is neither TCP or UDP. How do I
> allow this traffic through my security group since I can only select TCP,
> UDP, or ICMP. Is there a allow any any command?
>
>
>
> What protocol are you using?  Chances are it is either TCP or UDP.  HTTP
> is TCP.
>
>
>  Thank you.
>
>
>
>  Steven Barnabas
> Network Engineer
> Front Porch, Inc.
> 209-288-5580
> 209-652-7733 mobile
> www.frontporch.com
>
>
>
>
>
> _______________________________________________
> OpenStack-operators mailing listOpenStack-operators at lists.openstack.orghttp://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>
>
>  _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>
>
>
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20130815/f927813d/attachment-0001.html>


More information about the OpenStack-operators mailing list