[Openstack-operators] Fwd: [OpenStack][Neutron][Monasca] Traffic counters at Layer 3

Rubab Syed rubab.syed21 at gmail.com
Mon Apr 25 18:20:45 UTC 2016


---------- Forwarded message ----------
From: Rubab Syed <rubab.syed21 at gmail.com>
Date: Mon, Apr 25, 2016 at 11:20 PM
Subject: [OpenStack][Neutron][Monasca] Traffic counters at Layer 3
To: "OpenStack Development Mailing List (not for usage questions)" <
openstack-dev at lists.openstack.org>


Hi folks,

I'm writing a plugin for Monasca to monitor traffic at layer 3. My Neutron
backend is OVS and I'm using iptables of network namespaces for getting
traffic counters. Would the following rules in router namespace cover all
the traffic at layer 3 per router per tenant?

- Chain MONASCA-INPUT in filter table
   - src: anywhere     dest: gateway port IP   // north-south traffic for
SNATed and FIPs

- Chain MONASCA-FORWARD in filter table
  - src: anywhere       dest: anywhere          // east-west traffic
inter-network and intra-network

- Chain MONASCA-OUTPUT in filter table
  - src: gateway port     dest: anywhere      // north-south traffic from
VMs to public network


Would these be sufficient or am I missing something?

Thanks!

Rubab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20160425/0f6189d9/attachment.html>


More information about the OpenStack-operators mailing list