Weird iptables problem

Florian Rommel florian at
Sun Nov 1 09:19:45 UTC 2020

Hi, so we deployed a test cluster with 8 total nodes. Openstack ussuri,  Ubuntu 20.04 , opevswitch, octavia.
Everything works more or less as it should , however when deploying a loadbalancer (which works perfectly), instances on the same node as the amphora deployment loose all access via public up after open switch logs a message : modified security group “long uuid”, which is a sec group belonging to octavia. What effect does that have with the rest?

Should ufw be on and started?
How can we troubleshoot this more in depth? 
Why does the lb work perfectly whole instance with floating up loos all access from the internet but the lb works fine passing thru the web services.

One more thing. Does anyone have a recommended sysctl.conf Settings list for Ubuntu/ openstack ussuri?

Thanks already and have a nice weekend,

More information about the openstack-discuss mailing list