[neutron] OpenvSwitch firewall sctp getting dropped
--> Module not found
My kernel is 3.10.0-957.el7.x86_64
VÃ o Th 3, 30 thg 7, 2019 lÃºc 04:13 Jakub Libosvar <jlibosva at redhat.com> Ä?Ã£
> On 29/07/2019 17:38, thuanlk at viettel.com.vn wrote:
> > I have installed Openstack Queens on CentOs 7 with OvS and I recently
> > the native openvswitch firewall to implement SecusiryGroup. The native
> > firewall seems to work just fine with TCP/UDP traffic but it does not
> > forward any SCTP traffic going to the VMs no matter how I change the
> > security groups, But it run if i disable port security completely or use
> > iptables_hybrid firewall driver. What do I have to do to allow SCTP
> > to reach the VMs?
> You need to load kernel module for netfilter that supports sctp.
> Depending on the kernel you're using, it could be either compiled in or
> compiled as a module. You can try to
> modprobe ip_conntrack_proto_sctp
> to see if it fixes the issue for you.
*LÄ?ng Kháº¯c Thuáºn*
*Email: khacthuan.hut at gmail.com <leduydungttk54 at gmail.com>*
*Student at Applied Mathematics and Informatics*
*Center for training of excellent students*
*Hanoi University of Science and Technology. *
-------------- next part --------------
An HTML attachment was scrubbed...