[Openstack-operators] Kilo neutron-ns-metadata-proxy Problem
Eren Türkay
erent at skyatlas.com
Mon Aug 31 11:56:40 UTC 2015
Hello,
I installed Kilo neutron. I can create networks, namespaces are created and
neutron-ns-metadata-proxy is running. However, VM's cannot get SSH keys. I've
isolated the problem down the network namespace and a particular iptables rule.
Here is the iptables rule, it accepts the packets marked with 0x1 and rejects it:
-A neutron-vpn-agen-INPUT -m mark --mark 0x1 -j ACCEPT
-A neutron-vpn-agen-INPUT -p tcp -m tcp --dport 8775 -j DROP
When I remove the DROP rule, everything works. My question is how are these
packages to 169.245.169.254 is marked with 0x1? The iptables rules inside the
namespace can be found here: http://paste.ubuntu.com/12237691/
Regards,
--
Eren Türkay, System Administrator
https://skyatlas.com/ | +90 850 885 0357
Yildiz Teknik Universitesi Davutpasa Kampusu
Teknopark Bolgesi, D2 Blok No:107
Esenler, Istanbul Pk.34220
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150831/4c91e812/attachment.pgp>
More information about the OpenStack-operators
mailing list