Comment 2 for bug 1554177

Sergey Yudin (tsipa740) wrote : Re: networks defined by fuel-devops must have production-like connectivity

I mean management and public network, what else can that description mean?

It also affects all other networks which are NOT under the NAT, but apparently they will be routable because the restrictions in iptables will not affect them.

I believe this method works with libvirt asynchronously and this "ordering" has no real effect on iptables rules and I'm 99% sure if you put a sleep there it will work as expected, but to produce a proper fix it seems like someone has to put in some more effort and take a look at what's going on under the hood.

And yeah, if you're too lazy to verify the bug exists, please go to the env where the jobs are running and run something like

env_name=deploy_lcp_idc_edc_single.716.2016-03-10_11-23-50
# Collect the fuelbrN bridge of each libvirt network, then list the iptables rules that reference those bridges
q=""; for f in admin management private public storage; do q="$q|$(virsh net-dumpxml "${env_name}_$f" | grep fuelbr | sed -e 's|.*\(fuelbr[0-9]*\).*|\1|g')"; done
iptables-save | grep -E "${q#|} "

on different envs and ensure the firewall rule order is different for different envs. If you read the rules (or the topic message) carefully, you'll notice that rule order will have an impact on routing.
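
Added example (not part of the original comment and not fuel-devops code): a small first-match simulator showing how the same set of FORWARD rules, saved in a different order, changes whether a new connection between two bridges is forwarded. The bridge names, subnets and rules are constructed sample data, and `parse_forward`, `verdict` and `compare_orders` are hypothetical helper names.

```python
import ipaddress
import shlex

# Constructed sample rules (not taken from the bug's environments): one NAT'ed
# network on fuelbr1 and one isolated network on fuelbr2.
PUBLIC = """\
-A FORWARD -d 10.109.1.0/24 -o fuelbr1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 10.109.1.0/24 -i fuelbr1 -j ACCEPT
-A FORWARD -i fuelbr1 -o fuelbr1 -j ACCEPT
-A FORWARD -o fuelbr1 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i fuelbr1 -j REJECT --reject-with icmp-port-unreachable
"""
MGMT = """\
-A FORWARD -i fuelbr2 -o fuelbr2 -j ACCEPT
-A FORWARD -o fuelbr2 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i fuelbr2 -j REJECT --reject-with icmp-port-unreachable
"""

def parse_forward(dump):
    """Return FORWARD rules in dump order as {flag: value} dicts.
    Assumes every flag takes exactly one value (no '!' negation)."""
    rules = []
    for line in dump.splitlines():
        tok = shlex.split(line)
        if tok[:2] == ["-A", "FORWARD"]:
            rules.append(dict(zip(tok[2::2], tok[3::2])))
    return rules

def verdict(rules, in_if, out_if, src, dst):
    """Target of the first rule matching a NEW packet, or None for chain policy."""
    for r in rules:
        if "--ctstate" in r:  # RELATED,ESTABLISHED never matches a new connection
            continue
        if r.get("-i", in_if) != in_if or r.get("-o", out_if) != out_if:
            continue
        if "-s" in r and ipaddress.ip_address(src) not in ipaddress.ip_network(r["-s"]):
            continue
        if "-d" in r and ipaddress.ip_address(dst) not in ipaddress.ip_network(r["-d"]):
            continue
        return r["-j"]
    return None

def compare_orders():
    """Same rule set in two orders, new packet from fuelbr1 to fuelbr2."""
    pkt = ("fuelbr1", "fuelbr2", "10.109.1.5", "10.109.2.5")
    return (verdict(parse_forward(PUBLIC + MGMT), *pkt),
            verdict(parse_forward(MGMT + PUBLIC), *pkt))

if __name__ == "__main__":
    print(compare_orders())
```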