neutron

Migration to the nftables implementation

Registered by Slawek Kaplonski on 2020-11-02

This BP tracks migration from the old iptables to new nftables solution in the Neutron and Neutron stadium projects.

Blueprint information

Status:
Started
Approver:
Slawek Kaplonski
Priority:
Medium
Drafter:
Slawek Kaplonski
Direction:
Approved
Assignee:
Rodolfo Alonso
Definition:
Approved
Series goal:
None
Implementation:
Started
Milestone target:
milestone icon next
Started by
Slawek Kaplonski on 2021-04-14

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.opendev.org/#/q/topic:bp/nftables-migration

Addressed by: https://review.opendev.org/759874
    [WIP][POC] NFTables

Fix to support disabling "ipset", not supported with "nftables": https://review.opendev.org/c/openstack/neutron/+/784913

Make ARP protection commands compatible with "ebtables-nft": https://review.opendev.org/c/openstack/neutron/+/785177

Add periodic jobs to test "nftables" binaries: https://review.opendev.org/c/openstack/neutron/+/785144

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.