Bug 1288968 - packstack should open Tunnel ports for VXLAN
packstack should open Tunnel ports for VXLAN
Product: RDO
Classification: Community
Component: openstack-packstack (Show other bugs)
Unspecified Unspecified
unspecified Severity low
: ---
: Liberty
Assigned To: Martin Magr
Depends On:
  Show dependency treegraph
Reported: 2015-12-07 01:35 EST by Itzik Brown
Modified: 2016-04-18 02:55 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-01-05 09:51:10 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
answer-file (42.30 KB, text/plain)
2015-12-07 10:44 EST, Martin Magr
no flags Details

  None (edit)
Description Itzik Brown 2015-12-07 01:35:32 EST
Description of problem:
Packstack doesn't open VXLAN UDP port 4789 on hosts when type driver is vxlan

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Configure iptables default policy to DROP  - iptables -P INPUT DROP
2. Configure setup with VXLAN support
3. Running iptables -S |grep 4789 on all nodes should show no entries

Actual results:

Expected results:

Additional info:
iptables -A INPUT -p udp --dport 4789 -j ACCEPT

iptables-save > /etc/sysconfig/iptables
Comment 2 Martin Magr 2015-12-07 09:51:33 EST
According to [1] and [2] VXLAN UDP port is being opened on controller and compute hosts. Please provide us with answer file, so we can try to reproduce

[1] https://github.com/openstack/packstack/blob/kilo/packstack/puppet/templates/neutron_ovs_agent.pp#L30
[2] https://github.com/openstack/puppet-neutron/blob/stable/kilo/manifests/agents/ml2/ovs.pp#L184
Comment 3 Martin Magr 2015-12-07 10:44 EST
Created attachment 1103280 [details]

Regarding https://bugzilla.redhat.com/show_bug.cgi?id=1288968
Please look at the following answer file

Comment 4 Itzik Brown 2015-12-07 23:06:12 EST
Please see the attached answer file.
Comment 5 Martin Magr 2016-01-05 09:51:10 EST
Port openning works for me on liberty version.


 **** Installation completed successfully ******
 * The generated manifests are available at: /var/tmp/packstack/20160105-092422-tgJO7o/manifests
[para@centos7-vxlan ~]$ sudo iptables -L | grep 4789
ACCEPT     udp  --  centos7-vxlan        anywhere             multiport dports 4789 /* 001 neutron tunnel port incoming neutron_tunnel_192.168.122.232_192.168.122.232 */
[para@centos7-vxlan ~]$ rpm -qa openstack-packstack

Note You need to log in before you can comment on or make changes to this bug.