yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #05560
[Bug 1212168] Re: Can't dnat from 169.254.169.254:80 to host:8775
** Changed in: neutron
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1212168
Title:
Can't dnat from 169.254.169.254:80 to host:8775
Status in OpenStack Neutron (virtual network service):
Fix Released
Bug description:
After setting "enable_metadata_proxy=False" on /etc/neutron/l3_agent.ini, which means shut down the
neutron-ns-metadata-proxy, and choose to use nova metadata, but there still have a rule as below:
iptables -t nat -D neutron-l3-agent-PREROUTING -d 169.254.169.254/32
-p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697
which will block the rules
iptables -t nat -A PREROUTING -d 169.254.169.254/32 -p tcp -m tcp
--dport 80 -j DNAT --to-destination $HOST:8775
I think this is a bug, it should be fixed in the code, if not enable neutron metadata , then don't add the first rule.
Thanks advance for any advice.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1212168/+subscriptions