Added ip forwarding for nuage

2 files changed, 19 insertions, 0 deletions

diff --git a/roles/nuage_node/tasks/iptables.yml b/roles/nuage_node/tasks/iptables.yml
new file mode 100644
index 000000000..52935f075
--- /dev/null
+++ b/roles/nuage_node/tasks/iptables.yml
@@ -0,0 +1,17 @@
+---
+- name: IPtables | Get iptables rules
+  command: iptables -L --wait
+  register: iptablesrules
+  always_run: yes
+
+- name: Allow traffic from overlay to underlay
+  command: /sbin/iptables --wait -I FORWARD 1 -s {{ hostvars[groups.oo_first_master.0].openshift.master.sdn_cluster_network_cidr }} -j ACCEPT -m comment --comment "nuage-overlay-underlay" 
+  when: "'nuage-overlay-underlay' not in iptablesrules.stdout"
+  notify:
+    - save iptable rules
+
+- name: Allow traffic from underlay to overlay
+  command: /sbin/iptables --wait -I FORWARD 1 -d {{ hostvars[groups.oo_first_master.0].openshift.master.sdn_cluster_network_cidr }} -j ACCEPT -m comment --comment "nuage-underlay-overlay"
+  when: "'nuage-underlay-overlay' not in iptablesrules.stdout"
+  notify:
+    - save iptable rules
diff --git a/roles/nuage_node/tasks/main.yaml b/roles/nuage_node/tasks/main.yaml
index 1146573d3..2ec4be2c2 100644
--- a/roles/nuage_node/tasks/main.yaml
+++ b/roles/nuage_node/tasks/main.yaml
@@ -37,3 +37,5 @@
   notify:
     - restart vrs
     - restart node 
+
+- include: iptables.yml