openstack/neutron
Code Issues Proposed changes
747ac57524
neutron/releasenotes/notes/ovs-ct-firewall-driver-52a70a6a16d06f59.yaml
Jakub Libosvar ef29f7eb9a Open vSwitch conntrack based firewall driver 
This firewall requires OVS 2.5+ version supporting conntrack and kernel
conntrack datapath support (kernel>=4.3). For more information, see
https://github.com/openvswitch/ovs/blob/master/FAQ.md

As part of this new entry points for current reference firewalls were
added.

Configuration:
in openvswitch_agent.ini:
    - in securitygroup section set firewall_driver to openvswitch

DocImpact
Closes-bug: #1461000

Co-Authored-By: Miguel Angel Ajo Pelayo <mangelajo@redhat.com>
Co-Authored-By: Amir Sadoughi <amir.sadoughi@rackspace.com>

Change-Id: I13e5cda8b5f3a13a60b14d80e54f198f32d7a529
2016-02-16 16:47:21 +00:00

12 lines
409 B
YAML
Raw Blame History

---
features:
- New security groups firewall driver is introduced.
It's based on OpenFlow using connection tracking.
issues:
- OVS firewall driver doesn't work well with other features
using openflow.
other:
- OVS firewall driver requires OVS 2.5 version or higher
with linux kernel 4.3 or higher. More info at
`OVS github page <https://github.com/openvswitch/ovs/blob/master/FAQ.md>`_.
View Git Blame Copy Permalink