Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-42798

Document that with the gatewayConfig.ipForwarding set to Restricted the default policy of the FORWARD iptables chain is set to DROP

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • 4.17.0
    • Documentation / SDN
    • None
    • False
    • Hide

      None

      Show
      None

      https://issues.redhat.com/browse/OCPBUGS-23957 introduced a change in behavior the we should document.

      For clusters that have the `.spec.defaultNetwork.ovnKubernetesConfig.gatewayConfig.ipForwarding`field set to `Restricted` in the network.operator object we set the default policy of the FORWARD iptables chain to DROP.

      It is further described here: https://github.com/kyrtapz/ovn-kubernetes/blob/681f7cabc2aa5782bfea93506044f292df631cb7/docs/getting-started/configuration.md#forwarding-rules

       

              jaldinge@redhat.com Joe Aldinger
              pdiak@redhat.com Patryk Diak
              Zhanqi Zhao Zhanqi Zhao
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: