[openstack-dev] [neutron]Performance of security group
blak111 at gmail.com
Thu Jun 19 02:55:56 UTC 2014
This sounds like a good idea to handle some of the performance issues until
the ovs firewall can be implemented down the the line.
Do you have any performance comparisons?
On Jun 18, 2014 7:46 PM, "shihanzhang" <ayshihanzhang at 126.com> wrote:
> Hello all,
> Now in neutron, it use iptable implementing security group, but the
> performance of this implementation is very poor, there is a bug:
> https://bugs.launchpad.net/neutron/+bug/1302272 to reflect this problem.
> In his test, with default security groups(which has remote security
> group), beyond 250-300 VMs, there were around 6k Iptable rules on evry
> compute node, although his patch can reduce the processing time, but it
> don't solve this problem fundamentally. I have commit a BP to solve this
> There are other people interested in this it?
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-dev