[neutron] OpenvSwitch firewall sctp getting dropped
khacthuan.hut at gmail.com
Tue Jul 30 04:32:02 UTC 2019
--> Module not found
My kernel is 3.10.0-957.el7.x86_64
Vào Th 3, 30 thg 7, 2019 lúc 04:13 Jakub Libosvar <jlibosva at redhat.com> đã
> On 29/07/2019 17:38, thuanlk at viettel.com.vn wrote:
> > I have installed Openstack Queens on CentOs 7 with OvS and I recently
> > the native openvswitch firewall to implement SecusiryGroup. The native
> > firewall seems to work just fine with TCP/UDP traffic but it does not
> > forward any SCTP traffic going to the VMs no matter how I change the
> > security groups, But it run if i disable port security completely or use
> > iptables_hybrid firewall driver. What do I have to do to allow SCTP
> > to reach the VMs?
> You need to load kernel module for netfilter that supports sctp.
> Depending on the kernel you're using, it could be either compiled in or
> compiled as a module. You can try to
> modprobe ip_conntrack_proto_sctp
> to see if it fixes the issue for you.
*Lăng Khắc Thuận*
*Email: khacthuan.hut at gmail.com <leduydungttk54 at gmail.com>*
*Student at Applied Mathematics and Informatics*
*Center for training of excellent students*
*Hanoi University of Science and Technology. *
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openstack-discuss