diff --git a/ansible/roles/neutron/tasks/config.yml b/ansible/roles/neutron/tasks/config.yml
index e7cc7b1916..258f7d383c 100644
--- a/ansible/roles/neutron/tasks/config.yml
+++ b/ansible/roles/neutron/tasks/config.yml
@@ -1,4 +1,15 @@
 ---
+- name: Allowing IP forwarding on network node
+  sysctl: name="net.ipv4.ip_forward" value=1 sysctl_set=yes
+  when: inventory_hostname in groups['neutron-agents']
+
+- name: Disabling reverse path filter on network node
+  sysctl: name="net.ipv4.{{ item }}.rp_filter" value=0 sysctl_set=yes
+  with_items:
+    - "all"
+    - "default"
+  when: inventory_hostname in groups['neutron-agents']
+
 - include: ../../config.yml
   vars:
     service_name: "neutron-server"
diff --git a/ansible/roles/nova/tasks/config.yml b/ansible/roles/nova/tasks/config.yml
index 0ba4ad34b5..f5b2561514 100644
--- a/ansible/roles/nova/tasks/config.yml
+++ b/ansible/roles/nova/tasks/config.yml
@@ -1,4 +1,18 @@
 ---
+- name: Disabling netfilter for bridges
+  sysctl: name="net.ipv4.bridge-nf-call-{{ item }}" value=1 sysctl_set=yes
+  with_items:
+    - "iptables"
+    - "ip6tables"
+  when: inventory_hostname in groups['compute']
+
+- name: Disabling reverse path filter on compute node
+  sysctl: name="net.ipv4.{{ item }}.rp_filter" value=0 sysctl_set=yes
+  with_items:
+    - "all"
+    - "default"
+  when: inventory_hostname in groups['neutron-agents']
+
 - include: ../../config.yml
   vars:
     service_name: "nova-api"