2015-07-07 23:46 GMT+02:00 Salvatore Orlando sorla...@nicira.com:
Even if VMs are in the same logical network, it should be possible to do
isolation associating them with different security groups, in your case N
security groups.
For instance if VM1 and VM2 are associated respectively with
Hi,
I'm using Neutron+VLAN. Is it possible to isolate VMs in the same tenant
network, and filter traffic according to security rules?
In my understanding the allow_same_net_traffic in nova.conf only affects
nova-network and not Neutron behavior.
On the same note, I'd like to forbid traffic to
If I understand correctly your use case security groups can be probably
used to satisfy your goal with Neutron.
Groups of isolated VMs in the same network can be assigned to different
security groups. Traffic among different groups will be dropped unless
unable by a specific security group rule.
2015-07-07 20:52 GMT+02:00 Salvatore Orlando sorla...@nicira.com:
If I understand correctly your use case security groups can be probably
used to satisfy your goal with Neutron.
Groups of isolated VMs in the same network can be assigned to different
security groups. Traffic among different