neutron

  1. Bug #1622914
  2. Comment #24

Comment 24 for bug 1622914

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Related fix merged to neutron (master)

Reviewed: https://review.openstack.org/436315
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=c1dfb53bf1db1fe65ba6a8ef64a0b30151ee5c03
Submitter: Jenkins
Branch: master

commit c1dfb53bf1db1fe65ba6a8ef64a0b30151ee5c03
Author: Ihar Hrachyshka <email address hidden>
Date: Sat Feb 11 12:50:04 2017 +0000

    iptables: stop 'fixing' kernel sysctl bridge firewalling knobs

    Those are different on different kernel versions, and have reasonable
    default values on all newer kernel versions, including RHEL. We
    nevertheless made devstack to set those in the past; now I propose to
    clean the code from neutron tree and leave it up to deployment tools to
    fix in an unlikely case the system has broken default values.

    Now that iptables firewall code does not trigger sysctl, we can also
    remove this filter from the corresponding rootwrap .filters file.

    DocImpact make sure deployment docs mention the expected sysctl knob
              values.

    Change-Id: Iabf61021c90b0536be274463d48fb5a572ecc023
    Related-Bug: #1622914