<div dir="ltr">Hi,<div><br></div><div>Is the rules implemented in the iptables of the node (I am running all-in-one, LinuxBridge setup), or is it implemented in the iptables of a separate network namespace?</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Jan 19, 2017 at 1:27 PM, Melvin Hillsman <span dir="ltr"><<a href="mailto:mrhillsman@gmail.com" target="_blank">mrhillsman@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">If you are running an all-in-one/single node deployment, your security groups are implemented via iptables on that node. If you had a multi-node setup, security group rules would show up on the compute hosts.<br></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="h5">On Thu, Jan 19, 2017 at 12:47 AM, Vimal Kumar <span dir="ltr"><<a href="mailto:vimal7370@gmail.com" target="_blank">vimal7370@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5"><div dir="ltr"><div>
<p class="m_1266749451683132838m_626761459836494854gmail-p1">Hi! </p><p class="m_1266749451683132838m_626761459836494854gmail-p1">How can I troubleshoot issues related to security groups? It is probably getting implemented via iptables but where? In the host iptables, or inside network namespace, or inside instance itself? I am running a single-node Newton.</p><p class="m_1266749451683132838m_626761459836494854gmail-p1">
</p><p class="m_1266749451683132838m_626761459836494854gmail-p1">I am looking for a way to check whether the rules in my security group is actually being implemented or not.</p><p class="m_1266749451683132838m_626761459836494854gmail-p1">Thank you!</p><p class="m_1266749451683132838m_626761459836494854gmail-p1">Regards,</p><p class="m_1266749451683132838m_626761459836494854gmail-p1">Vimal</p></div></div>
<br></div></div>______________________________<wbr>_________________<br>
Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi<wbr>-bin/mailman/listinfo/openstac<wbr>k</a><br>
Post to : <a href="mailto:openstack@lists.openstack.org" target="_blank">openstack@lists.openstack.org</a><br>
Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi<wbr>-bin/mailman/listinfo/openstac<wbr>k</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br><div class="m_1266749451683132838gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">Kind regards,<br><br>Melvin Hillsman<br>Ops Technical Lead<br>OpenStack Innovation Center<br><br><a href="mailto:mrhillsman@gmail.com" target="_blank">mrhillsman@gmail.com</a><br>phone: (210) 312-1267<br>mobile: (210) 413-1659<br><a href="http://osic.org" target="_blank">http://osic.org</a><br><br><span>Learner | Ideation | Belief | Responsibility | Command</span><br></div></div>
</div>
</blockquote></div><br></div>