(dropping -dev, this is a deployment question). firewall_driver=neutron.agent.firewall.NoopFirewallDriver ^ thats your problem. It's a no-op driver, which means no firewall rules are applied. http://docs.openstack.org/havana/install-guide/install/yum/content/install-neutron.install-plugin-compute.ovs.html (applies to apt etc as well - just the first hit from google :)) covers this part of the setup. -Rob On 24 October 2013 01:57, Leandro Reox <leandro.reox at gmail.com> wrote: > Hi guys, > > Seem that i cant find the right combination to get neutron security groups > working with nova and OVS > > - I see the logs on the ovs agent like sec group updated or rule updated > - I can configure the rules on neutron without an issue > > BUT > > Seems like nova is not doing anything with the the rules itself, i dont see > any root-wrap event trying to apply an iptables chain, its like the the > agent is not passing the order to apply the rules to nova > > Here is all the nova.conf stuff, and agent logs, and iptables chains: > http://pastebin.com/RMgQxFyN > > > I dont know what to try to get this working , maybe im using the wrong > firewall driver or something ? or do i need for example that neutron and > nova connects to the same queue?? > > Best > Lean > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev at lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > -- Robert Collins <rbtcollins at hp.com> Distinguished Technologist HP Converged Cloud