Browse code
Merge "Ironic: Explicitly allow DHCP ports"
Jenkins authored on 2015/11/13 03:43:38Showing 1 changed files
| ... | ... |
@@ -672,6 +672,8 @@ function configure_iptables {
|
| 672 | 672 |
# enable tftp natting for allowing connections to HOST_IP's tftp server |
| 673 | 673 |
sudo modprobe nf_conntrack_tftp |
| 674 | 674 |
sudo modprobe nf_nat_tftp |
| 675 |
+ # explicitly allow DHCP - packets are occassionally being dropped here |
|
| 676 |
+ sudo iptables -I INPUT -p udp --dport 67:68 --sport 67:68 -j ACCEPT || true |
|
| 675 | 677 |
# nodes boot from TFTP and callback to the API server listening on $HOST_IP |
| 676 | 678 |
sudo iptables -I INPUT -d $HOST_IP -p udp --dport 69 -j ACCEPT || true |
| 677 | 679 |
sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $IRONIC_SERVICE_PORT -j ACCEPT || true |