On Nov 18, 2013, at 4:26 PM, Kanthi P <pavuluri.kan...@gmail.com> wrote: > Hi All, > > We are planning to implement quantum security groups using openflows for ovs > plugin instead of iptables which is the case now. > > Doing so we can avoid the extra linux bridge which is connected between the > vnet device and the ovs bridge, which is given as a work around since ovs > bridge is not compatible with iptables. > > We are planning to create a blueprint and work on it. Could you please share > your views on this > Hi Kanthi:
Overall, this idea is interesting and removing those extra bridges would certainly be nice. Some people at Bluehost gave a talk at the Summit [1] in which they explained they have done something similar, you may want to reach out to them since they have code for this internally already. The OVS plugin is in feature freeze during Icehouse, and will be deprecated in favor of ML2 [2] at the end of Icehouse. I would advise you to retarget your work at ML2 when running with the OVS agent instead. The Neutron team will not accept new features into the OVS plugin anymore. Thanks, Kyle [1] http://www.openstack.org/summit/openstack-summit-hong-kong-2013/session-videos/presentation/towards-truly-open-and-commoditized-software-defined-networks-in-openstack [2] https://wiki.openstack.org/wiki/Neutron/ML2 > Thanks, > Kanthi > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
