tsjsdbd
Jul 29, 2014, 5:44:59 AM7/29/14
to vcap...@cloudfoundry.org
Hi,
I have some problem when use Bridge mode for Linux containers. which I want to connect containers host on differents dea. make all those containers in one subnet.
Fierst, I create a bridge on dea, add eth0 into this bridge, and grab the IP from eth0,
every thing is OK, but the packet send out form this bridge is droped by opnstack.
after some investigate, i find openstack's computer node have some iptables rule which check packet's Mac address will drop the packet.
so I add some Top rule in computer node's iptables:
-A FORWARD -s 10.10.10.0/24 -j RETURN
-A FORWARD -j neutron-filter-top
-A FORWARD -j neutron-openvswi-FORWARD
it is OK, but after maybe 1 minute, the rule was refreshed by openstack:
-A FORWARD -j neutron-filter-top
-A FORWARD -j neutron-openvswi-FORWARD
-A FORWARD -s 10.10.10.0/24 -j RETURN
so it fail again, anyone can help me? or if openstack have some config that allow bridge mode in VM.
Reply all
Reply to author
Forward
0 new messages