Hi, Ben, I has implemented this feature based on neutron, it's now supported two backends: iptables and LVS. You may want to take a look at the code: https://github.com/liyingjun/neutron/tree/port-nat-support
Any feedback is welcome. Yingjun 2013/8/5 Salvatore Orlando <[email protected]> > Hi Ben, > > The closest the thing to what you want to achieve is the Floating IP, but, > as you say, this will not allow for fine-grained control over ports; so you > won't be able, for instance, to expose only port 443 of an internal IP. > > However, this is not in the Havana roadmap at the moment - but this surely > is something that can be discussed for the Icehouse release. > This could be implemented as an independent API extension, but could > actually be implemented by both the FWaaS agent and the L3 agent. This > decision will depend on the route we choose for service agents, which is > being discussed at the moment. > > For the time being you might try and use the LBaaS extension with pools > consistuted by a single service. > > Salvatore > > > > > On 4 August 2013 20:40, Ben Firshman <[email protected]> wrote: > >> Hi all, >> >> I have a large number of small VMs on Quantum internal networks. I'm >> trying to find a way to expose services externally without having to attach >> a whole IPv4 address to each machine. >> >> I'm basically looking for a way to NAT external addresses and ports to >> internal addresses and ports. (TCP/UDP ports that is.) The upcoming FWaaS >> seems to give more fine-grained control over iptables rules, but not NAT it >> seems. >> >> Perhaps this could be part of FWaaS? Perhaps some kind of separate NATing >> service? >> >> Thanks, >> >> Ben >> >> >> >> _______________________________________________ >> Mailing list: >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >> Post to : [email protected] >> Unsubscribe : >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >> > > > _______________________________________________ > Mailing list: > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : [email protected] > Unsubscribe : > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > >
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : [email protected] Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
