Thank you Mark for the answer.


On 29.09.2014 18:31, Mark McClain wrote:

On Sep 29, 2014, at 7:09 AM, Andrey Epifanov < <>> wrote:

Hi All,

I started working on the the and realized that we have the same issue with other connected resources in Neutron.

The is a bug in how we’re implementing the logic to manage routes on the router instance in the l3-agent implementation. There are other implementations of the logical router that do not need this restriction.

The problem is that we have API for the modification of any resources without limitations, for example, we can modify Router IP and connected to this subnet VMs never will know about it and lose the default router. The same situation
with routes and IP for DHCP/DNS ports.

I don’t see any of these as a bug. If tenant wants to make changes to their network (even ill advised ones), we should allow it. Restricting these API operations to admin’s means we’re inhibiting users from making changes that could be regular maintenance operations of a tenant.


OpenStack-dev mailing list

OpenStack-dev mailing list

Reply via email to