Security Groups implementation

Vishal Thapar <vishal.thapar@...>



I was looking for some information on the SG implementation in ODL. My understanding is that the provider in net-virt is in progress while NeutronNorthbound part of it is complete. Is this correct?


I was working with Amir on OVS Firewall during Icehouse/Juno before it got pushed back till conntrack support was available in OVS. My question is about the ODL implementation in-progress now, is it based off conntrack, or does it use one of the earlier approaches [TCP flags or Learn]?


I didn’t find anything in wiki outlining the design of SG implementation. Could anyone shed any light on these?




Join { to automatically receive all group messages.