[Openstack-operators] How Do I allow IP protocols other than TCP, UDP, or ICMP (such as GRE)through my security group?
Aaron Rosen
arosen at nicira.com
Tue Aug 20 18:03:07 UTC 2013
You'll need to install or build a package that has this patch included.
Alternative, you could edit the code on the quantum-server and make these
changes to these two files:
https://review.openstack.org/#/c/32050/1/quantum/extensions/securitygroup.py
https://review.openstack.org/#/c/32050/1/quantum/plugins/nicira/common/securitygroups.py
then restart quantum-server
Aaron
On Tue, Aug 20, 2013 at 10:36 AM, Steven Barnabas
<sbarnabas at frontporch.com>wrote:
> Thank you for this. So should I just do a apt-get upgrade, apt-get
> update?
>
>
>
> Steven Barnabas
> Network Engineer
> Front Porch, Inc.
> 209-288-5580
> 209-652-7733 mobile
> www.frontporch.com
>
>
>
> On Aug 15, 2013, at 1:16 PM, Aaron Rosen <arosen at nicira.com> wrote:
>
> Hi,
>
> The following patch added support for this in early H1
> https://review.openstack.org/#/c/32050/ . This will cherry-pick to
> stable/grizzly without any conflict if you want to backport it for your
> deployment.
>
> Aaron
>
>
> On Wed, Aug 14, 2013 at 9:10 AM, Steven Barnabas <sbarnabas at frontporch.com
> > wrote:
>
>> I am using GRE.
>>
>> GRE packets which are encapsulated within IP will use IP protocol type
>> 47.
>>
>> This is neither TCP nor UDP.
>>
>>
>>
>> Steven Barnabas
>> Network Engineer
>> Front Porch, Inc.
>> 209-288-5580
>> 209-652-7733 mobile
>> www.frontporch.com
>>
>>
>>
>> On Aug 13, 2013, at 2:58 PM, Adam Young <ayoung at redhat.com> wrote:
>>
>> On 08/13/2013 04:51 PM, Steven Barnabas wrote:
>>
>> I have a basic Grizzly installation following these instructions.
>> https://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/blob/OVS_SingleNode/OpenStack_Grizzly_Install_Guide.rst
>>
>> Everything is working great, however....
>>
>> I am trying to send some traffic via a gre tunnel to an IP address of an
>> interface on my instance. This traffic is neither TCP or UDP. How do I
>> allow this traffic through my security group since I can only select TCP,
>> UDP, or ICMP. Is there a allow any any command?
>>
>>
>>
>> What protocol are you using? Chances are it is either TCP or UDP. HTTP
>> is TCP.
>>
>>
>> Thank you.
>>
>>
>>
>> Steven Barnabas
>> Network Engineer
>> Front Porch, Inc.
>> 209-288-5580
>> 209-652-7733 mobile
>> www.frontporch.com
>>
>>
>>
>>
>>
>> _______________________________________________
>> OpenStack-operators mailing listOpenStack-operators at lists.openstack.orghttp://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>
>>
>> _______________________________________________
>> OpenStack-operators mailing list
>> OpenStack-operators at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>
>>
>>
>> _______________________________________________
>> OpenStack-operators mailing list
>> OpenStack-operators at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20130820/f004d69f/attachment.html>
More information about the OpenStack-operators
mailing list