Re: [Openstack] sysctl fails

Thu, 13 Aug 2015 09:20:16 -0700 

AFAIK yes, your OpenStack setup would work fine.
But the Security Group (including anti-spoofing) rules will not have any effect to the traffic that is generated by the VMs. 

On 08/13/2015 04:49 PM, FASEELA.ASHRAF wrote:

Is it necessary only for implementing security group policy? Even if I 
don't set this, the open stack installation and a fully functional 
openstack environment should work, isn't it?



On Thu, Aug 13, 2015 at 2:01 PM, Sridhar Gaddam <sgad...@redhat.com 
<mailto:sgad...@redhat.com>> wrote:


    Neutron implements Security Groups by applying iptable rules on
    Linux bridge. So, we need these parameters to be set.
    Please see [1] for details.
    [1] - https://bugs.launchpad.net/openstack-manuals/+bug/1359691


    On 08/13/2015 01:50 PM, FASEELA.ASHRAF wrote:

    I installed the package bridge-utils and the error remains the
    same. In other versions of Openstack like Juno and kilo these lines:

    net.bridge.bridge-nf-call-arptables=1
    net.bridge.bridge-nf-call-iptables=1
     net.bridge.bridge-nf-call-ip6tables=1

    are not used in the sysctl file. So are they mandatory ?



    On Thu, Aug 13, 2015 at 1:21 PM, Andreas Scheuring
    <scheu...@linux.vnet.ibm.com
    <mailto:scheu...@linux.vnet.ibm.com>> wrote:

        Can you try the package bridge-utils?

        On Do, 2015-08-13 at 11:15 +0530, FASEELA.ASHRAF wrote:
        > Hi ,
        >
        > I am trying to install a 3 node architecture of Openstack
        icehouse
        > version on my Ubuntu 14.04LTS . I would like to know if it is
        > necessary to add the following lines to sysctl.conf in
        network node.
        > net.bridge.bridge-nf-call-arptables=1
        > net.bridge.bridge-nf-call-iptables=1
        > net.bridge.bridge-nf-call-ip6tables=1
        >
        > When running the command sysctl -p following errors are shown :
        > sysctl: cannot stat
        /proc/sys/net/bridge/bridge-nf-call-arptables: No such file
        or directory
        > sysctl: cannot stat
        /proc/sys/net/bridge/bridge-nf-call-iptables: No such file or
        directory
        > sysctl: cannot stat
        /proc/sys/net/bridge/bridge-nf-call-ip6tables: No such file
        or directory
        >
        > Am I missing some package in my system?
        >
        >
        >
        > _______________________________________________
        > Mailing list:
        http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
        > Post to     : openstack@lists.openstack.org
        <mailto:openstack@lists.openstack.org>
        > Unsubscribe :
        http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

        --
        Andreas
        (IRC: scheuran)





    _______________________________________________
    Mailing list:http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
    Post to     :openstack@lists.openstack.org  
<mailto:openstack@lists.openstack.org>
    Unsubscribe :http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack






_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack






















					Reply via email to