On Mon, Jun 30, 2014 at 2:11 PM, Paul Ward <[email protected]> wrote: > The current design for ovs-neutron-agent is that it will wipe out all flows > configured on the system when it starts up, recreating them for each neutron > port it's aware of. This has a not-so-desirable side effects that there's a > temporary hiccup in network connectivity for the VMs on the host. > > My questions to the list: Is there a reason it was designed this way (other > than "Everything on the system must be managed by OpenStack")? Is there > ongoing work to address this or would it be a worthwhile contribution from > our side? > This was actually the result of a bug fix in Juno-1 [1]. As reported by the TripleO folks, having the agent default to setting up a "NORMAL" flow added may have allowed for VMs to talk to each other, but it was also a huge security hole. I'm curious what ideas you have around this, though.
Thanks, Kyle [1] https://bugs.launchpad.net/tripleo/+bug/1290486 and https://bugs.launchpad.net/neutron/+bug/1324703 > > _______________________________________________ > OpenStack-dev mailing list > [email protected] > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev _______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
