Thanks, I'll check it out. This is great! so no harm to turn it on :) On Mon, Apr 24, 2023 at 2:49 AM Lajos Katona <katonalala@gmail.com> wrote:
H, The OVS flow based Neutron firewall driver is long supported by the community and used by many operators in production, please check the documentation: https://docs.openstack.org/neutron/latest/admin/config-ovsfwdriver.html
For some details how it works please check the related internals doc:
https://docs.openstack.org/neutron/latest/contributor/internals/openvswitch_...
Best wished Lajos (lajoskatona)
Satish Patel <satish.txt@gmail.com> ezt írta (időpont: 2023. ápr. 24., H, 3:40):
Folks,
As we know, openvswitch uses a linuxbridge based firewall to implement security-groups on openstack. It works great but it has so many packet hops. It also makes troubleshooting a little complicated.
OpenvSwitch does support native firewall features in flows, Does it mature enough to implement in production and replace it with LinuxBridge based IPtables firewall?
~S