[openstack-dev] [neutron] - Changing the Neutron default security group rules
mgagne at internap.com
Thu Mar 3 18:00:13 UTC 2016
On 2016-03-03 12:53 PM, Sean M. Collins wrote:
> sridhar basam wrote:
>> This doesn't sound like a neutron issue but an issue with how the
>> conntrack module for GRE changed in the kernel in 3.18.
> Oooh! Wicked nice find. Thanks Sri!
We had issue with GRE but unrelated to the one mentioned above.
Although security group is configured to allow GRE,
nf_conntrack_proto_gre module is not loaded by iptables/Neutron and
traffic is dropped. We had to load the module manually.
More information about the OpenStack-dev