Document the incompatibility of trunk ports with iptables_hybrid fw

We seem to have forgot to properly document this limitation and this is popping up in bug reports. Change-Id: I3c1d79017349be13ebb2f4a924c065e041ccbf5a Partial-Bug: #1843285
2019-09-10 15:08:02 +02:00 · 2019-09-10 15:08:02 +02:00 · ccc7f4e248
commit ccc7f4e248
parent 7d48bde722
1 changed files with 5 additions and 0 deletions
--- a/doc/source/admin/config-trunking.rst
+++ b/doc/source/admin/config-trunking.rst
@ -320,5 +320,10 @@ Trunk states
 Limitations and issues
 ~~~~~~~~~~~~~~~~~~~~~~

+* In ``neutron-ovs-agent`` the use of ``iptables_hybrid`` firewall driver and
+  trunk ports are not compatible with each other. The ``iptables_hybrid``
+  firewall is not going to filter the traffic of subports.
+  Instead use other firewall drivers like ``openvswitch``.
+
 * See `bugs <https://bugs.launchpad.net/neutron/+bugs?field.tag=trunk>`__ for
  more information.