iptables is outdated on CentOS

Bug #1388117 reported by Sergey Kolekonov
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Fuel for OpenStack
Won't Fix
High
MOS Linux

Bug Description

Current version of iptables (iptables v1.4.7) is outdated and doesn't contain options required for advanced Neutron features such as DVR:

Stderr: "iptables-restore v1.4.7: unknown option `--notrack'\nError occurred at line: 28\nTry `iptables-restore -h' or 'iptables-restore --help'

Changed in fuel:
milestone: none → 6.0
no longer affects: fuel/6.1.x
Changed in fuel:
assignee: nobody → Fuel OSCI Team (fuel-osci)
Changed in fuel:
status: New → Confirmed
importance: Undecided → High
Roman Vyalov (r0mikiam)
Changed in fuel:
assignee: Fuel OSCI Team (fuel-osci) → MOS Linux (mos-linux)
Revision history for this message
Aleksander Mogylchenko (amogylchenko) wrote :

This error message is produces because Neutron uses CT target:
https://github.com/openstack/neutron/blob/2cc3a780853686cc1fbf3123402cb7862c9bb12c/neutron/agent/l3_agent.py#L1613

which is not supported in CentOS 6.5 (NOTRACK target should be used instead). CT target was introduces in RedHat 7 with 3.10 kernel.

Changed in fuel:
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Related blueprints

Remote bug watches

Bug watches keep track of this bug in other bug trackers.