diff --git a/puppet/services/neutron-compute-plugin-ovn.yaml b/puppet/services/neutron-compute-plugin-ovn.yaml
index e3a4da990a..0dca29ab9a 100644
--- a/puppet/services/neutron-compute-plugin-ovn.yaml
+++ b/puppet/services/neutron-compute-plugin-ovn.yaml
@@ -48,6 +48,7 @@ outputs:
         ovn::controller::ovn_encap_type: {get_param: OVNTunnelEncapType}
         ovn::controller::ovn_encap_ip: {get_param: [ServiceNetMap, NeutronApiNetwork]}
         ovn::controller::ovn_bridge_mappings: {get_param: NeutronBridgeMappings}
+        nova::compute::force_config_drive: true
         tripleo.neutron_compute_plugin_ovn.firewall_rules:
           '118 neutron vxlan networks':
                 proto: 'udp'
diff --git a/puppet/services/ovn-dbs.yaml b/puppet/services/ovn-dbs.yaml
index 7f81afdeb3..6b8be77c8d 100644
--- a/puppet/services/ovn-dbs.yaml
+++ b/puppet/services/ovn-dbs.yaml
@@ -36,5 +36,11 @@ outputs:
           ovn::northbound::port: {get_param: OVNNorthboundServerPort}
           ovn::southbound::port: {get_param: OVNSouthboundServerPort}
           ovn::northd::dbs_listen_ip: {get_param: [ServiceNetMap, OvnDbsNetwork]}
+          tripleo.ovn_dbs.firewall_rules:
+            '121 OVN DB server ports':
+              proto: 'tcp'
+              dport:
+                - {get_param: OVNNorthboundServerPort}
+                - {get_param: OVNSouthboundServerPort}
       step_config: |
         include ::tripleo::profile::base::neutron::ovn_northd
diff --git a/releasenotes/notes/ovn-fcd4b0168e6745a8.yaml b/releasenotes/notes/ovn-fcd4b0168e6745a8.yaml
new file mode 100644
index 0000000000..f5ccec0687
--- /dev/null
+++ b/releasenotes/notes/ovn-fcd4b0168e6745a8.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - Support configuring NeutronBridgeMappings
+  - Set force_config_drive to true as OVN doesn't support metadata service
+  - Add necessary iptables rules to allow Geneve traffic and ovsdb-server
+    traffic for Northbound and Southbound databases.