[Openstack-operators] How Do I allow IP protocols other than TCP, UDP, or ICMP (such as GRE)through my security group?
Zhang, Kimi (NSN - CN/Cheng Du)
kimi.zhang at nsn.com
Wed Aug 14 08:49:41 UTC 2013
Some protocols like SCTP are neither TCP nor UDP, can not match security group setting.
A workaround it to encapsulate those packets into normal TCP/UDP packets by some tunneling/VPN protocols, such as L2TP/IPsec VPN.
Kimi Zhang
+86 186 0800 8182
From: ext Adam Young [mailto:ayoung at redhat.com]
Sent: Wednesday, August 14, 2013 5:58 AM
To: openstack-operators at lists.openstack.org
Subject: Re: [Openstack-operators] How Do I allow IP protocols other than TCP, UDP, or ICMP (such as GRE)through my security group?
On 08/13/2013 04:51 PM, Steven Barnabas wrote:
I have a basic Grizzly installation following these instructions.https://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/blob/OVS_SingleNode/OpenStack_Grizzly_Install_Guide.rst
Everything is working great, however....
I am trying to send some traffic via a gre tunnel to an IP address of an interface on my instance. This traffic is neither TCP or UDP. How do I allow this traffic through my security group since I can only select TCP, UDP, or ICMP. Is there a allow any any command?
What protocol are you using? Chances are it is either TCP or UDP. HTTP is TCP.
Thank you.
Steven Barnabas
Network Engineer
Front Porch, Inc.
209-288-5580
209-652-7733 mobile
www.frontporch.com<http://www.frontporch.com/>
_______________________________________________
OpenStack-operators mailing list
OpenStack-operators at lists.openstack.org<mailto:OpenStack-operators at lists.openstack.org>
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20130814/70f87dd2/attachment.html>
More information about the OpenStack-operators
mailing list