osdir.com


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[neutron] OpenvSwitch firewall sctp getting dropped


modprobe ip_conntrack_proto_sctp
--> Module not found

My kernel is 3.10.0-957.el7.x86_64

Vào Th 3, 30 thg 7, 2019 lúc 04:13 Jakub Libosvar <jlibosva at redhat.com> Ä?ã
viết:

> On 29/07/2019 17:38, thuanlk at viettel.com.vn wrote:
> > I have installed Openstack Queens on CentOs 7 with OvS and I recently
> used
> > the native openvswitch firewall to implement SecusiryGroup. The native
> OvS
> > firewall seems to work just fine with TCP/UDP traffic but it does not
> > forward any SCTP traffic going to the VMs no matter how I change the
> > security groups, But it run if i disable port security completely or use
> > iptables_hybrid firewall driver. What do I have to do to allow SCTP
> packets
> > to reach the VMs?
> >
> >
> You need to load kernel module for netfilter that supports sctp.
> Depending on the kernel you're using, it could be either compiled in or
> compiled as a module. You can try to
>
>  modprobe ip_conntrack_proto_sctp
>
> to see if it fixes the issue for you.
>
> Kuba
>
>
> --
*LÄ?ng Khắc Thuận*

*Phone*: 01649729889
*Email: khacthuan.hut at gmail.com <leduydungttk54 at gmail.com>*
*Skype: khacthuan_bk*

*Student at Applied Mathematics and Informatics*
*Center for training of excellent students*
*Hanoi University of Science and Technology. *
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20190730/d5316975/attachment.html>