[openstack-dev] [OpenStack][Neutron][Monasca] Traffic counters at Layer 3

Armando M. armamig at gmail.com
Tue Apr 26 04:14:11 UTC 2016


On 25 April 2016 at 11:20, Rubab Syed <rubab.syed21 at gmail.com> wrote:

> Hi folks,
>
> I'm writing a plugin for Monasca to monitor traffic at layer 3. My Neutron
> backend is OVS and I'm using iptables of network namespaces for getting
> traffic counters. Would the following rules in router namespace cover all
> the traffic at layer 3 per router per tenant?
>
> - Chain MONASCA-INPUT in filter table
>    - src: anywhere     dest: gateway port IP   // north-south traffic for
> SNATed and FIPs
>
> - Chain MONASCA-FORWARD in filter table
>   - src: anywhere       dest: anywhere          // east-west traffic
> inter-network and intra-network
>
> - Chain MONASCA-OUTPUT in filter table
>   - src: gateway port     dest: anywhere      // north-south traffic from
> VMs to public network
>
>
> Would these be sufficient or am I missing something?
>

Have you looked at the iptables driver already available in Neutron [1]?
That should give enough pointers.

[1]
https://github.com/openstack/neutron/blob/master/neutron/services/metering/drivers/iptables/iptables_driver.py


>
> Thanks!
>
> Rubab
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160425/e14282ed/attachment.html>


More information about the OpenStack-dev mailing list