Hello Saverio, neutron.lbaas.v2-agent should apply iptables rules but it does not work. Also in redhat exixts the same issue reported here: https://bugzilla.redhat.com/show_bug.cgi?id=1500118 Regards 2018-03-26 9:32 GMT+02:00 Saverio Proto <zioproto at gmail.com>: > Hello Ignazio, > > it would interesting to know how this works. For instances ports, > those ports are created by openvswitch on the compute nodes, where the > neutron-agent will take care of the security groups enforcement (via > iptables or openvswitch rules). > > the LBaaS is a namespace that lives where the neutron-lbaasv2-agent is > running. > > The question is if the neutron-lbaasv2-agent is capable for setting > iptables rules. I would start to read the code there. > > Cheers, > > Saverio > > > 2018-03-23 13:51 GMT+01:00 Ignazio Cassano <ignaziocassano at gmail.com>: > > Hi all, > > following the ocata documentation, I am trying to apply security group > to a > > lbaas v2 port but > > it seems not working because any filter is applyed. > > The Port Security Enabled is True on lbaas port, so I expect applying > > security group should work. > > Is this a bug ? > > Regards > > Ignazio > > > > _______________________________________________ > > OpenStack-operators mailing list > > OpenStack-operators at lists.openstack.org > > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20180326/888525c5/attachment.html>