On 2013?01?09? 21:58, Joe Warren-Meeks wrote: > Hi guys, > > I've managed to disable NAT by deleting the correct rule. This means > all my instances are properly routable no, which is exactly what I want. > > To do this, I'm using > > iptables -vnL -t nat --line-numbers > > to get the rule number from the nova-network-snat chain and deleting > it using: > > iptables -t nat -D nova-network-snat <num> > > My question is when and where are those snat rules created, so that I > can prevent them from being setup in the first place. > > Kind regards > > -- joe. > > > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : [email protected] > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp 1. delete all floating ips allocate a floating ip to instance will create a SNAT rule and 2 DNAT rules. 2. iptables -t nat -I nova-network-float-snat -j RETURN avoid the shared SNAT rule
-- Jian Wen Software Engineer, Services and Support Team Canonical, Ltd
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : [email protected] Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
