diff --git a/functions b/functions
index faf05c3c0c..17dc922b98 100644
--- a/functions
+++ b/functions
@@ -646,6 +646,16 @@ function set_mtu {
 }
 
 
+# running_in_container - Returns true otherwise false
+function running_in_container {
+    if grep -q lxc /proc/1/cgroup; then
+        return 0
+    fi
+
+    return 1
+}
+
+
 # enable_kernel_bridge_firewall - Enable kernel support for bridge firewalling
 function enable_kernel_bridge_firewall {
     # Load bridge module. This module provides access to firewall for bridged
diff --git a/lib/neutron b/lib/neutron
index 4ba9f00a34..465d55d94f 100644
--- a/lib/neutron
+++ b/lib/neutron
@@ -183,7 +183,9 @@ function configure_neutron_new {
             iniset $NEUTRON_PLUGIN_CONF ovs local_ip $HOST_IP
         fi
 
-        enable_kernel_bridge_firewall
+        if ! running_in_container; then
+            enable_kernel_bridge_firewall
+        fi
     fi
 
     # DHCP Agent
diff --git a/lib/neutron_plugins/linuxbridge_agent b/lib/neutron_plugins/linuxbridge_agent
index 0c8ccb8718..f031fc7c59 100644
--- a/lib/neutron_plugins/linuxbridge_agent
+++ b/lib/neutron_plugins/linuxbridge_agent
@@ -71,7 +71,9 @@ function neutron_plugin_configure_plugin_agent {
     fi
     if [[ "$Q_USE_SECGROUP" == "True" ]]; then
         iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
-        enable_kernel_bridge_firewall
+        if ! running_in_container; then
+            enable_kernel_bridge_firewall
+        fi
     else
         iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.firewall.NoopFirewallDriver
     fi
diff --git a/lib/neutron_plugins/ovs_base b/lib/neutron_plugins/ovs_base
index a2bf70e81c..d734ebc9a0 100644
--- a/lib/neutron_plugins/ovs_base
+++ b/lib/neutron_plugins/ovs_base
@@ -84,7 +84,9 @@ function _neutron_ovs_base_configure_debug_command {
 function _neutron_ovs_base_configure_firewall_driver {
     if [[ "$Q_USE_SECGROUP" == "True" ]]; then
         iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
-        enable_kernel_bridge_firewall
+        if ! running_in_container; then
+            enable_kernel_bridge_firewall
+        fi
     else
         iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.firewall.NoopFirewallDriver
     fi
diff --git a/lib/nova b/lib/nova
index 0683184fa5..f77b603417 100644
--- a/lib/nova
+++ b/lib/nova
@@ -871,7 +871,9 @@ function start_nova_rest {
     run_process n-crt "$NOVA_BIN_DIR/nova-cert --config-file $api_cell_conf"
 
     if is_service_enabled n-net; then
-        enable_kernel_bridge_firewall
+        if ! running_in_container; then
+            enable_kernel_bridge_firewall
+        fi
     fi
     run_process n-net "$NOVA_BIN_DIR/nova-network --config-file $compute_cell_conf"