enabling explicitly_egress_direct to prevent flooding of packets
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Neutron Open vSwitch Charm |
Triaged
|
Wishlist
|
Unassigned |
Bug Description
In the upstream bug report, a bridge flooding issue with openvswitch firewall driver was discussed, and in the end a new config option in Neutron as explicitly_
https:/
https:/
There are some conditions when to enable it so we might want to introduce some logic in the charm to handle it automatically or expose it as a charm config so it can be enabled explicitly.
> A new config option ``explicitly_
> was added for the aim of distinguishing clouds which are running the
> network node mixed with compute services, upstream neutron CI should be
> an example. In such situation, this ``explicitly_
> set to False, because there are numerous cases from HA routers which can
> not be covered, particularly when you have centralized floating IPs running
> in such mixed hosts.
> Otherwise, set ``explicitly_
> One more note is if your network nodes are for networing services only, we
> recommand you disable all the security_group to get a higher performance.
Changed in charm-neutron-openvswitch: | |
importance: | Undecided → Wishlist |
Changed in charm-neutron-openvswitch: | |
status: | New → Triaged |
A simple charm option to enable this would be sufficient.