[openstack-dev] [neutron] dangerous allowed_address_pairs?

2015-06-30 Thread James Dempsey
Hi All, Would someone help me understand some potentially dangerous interactions between allowed_address_pairs and security groups? My cloud is Icehouse at the moment, but the behaviour seems unchanged in master. [1] Suppose a User wants to build an instance that acts as a router. User creates

Re: [openstack-dev] [neutron] dangerous allowed_address_pairs?

2015-06-30 Thread Kevin Benton
Yes, this is expected behavior. Allowed address pairs were mainly intended for a few extra IP addresses that the port owns. Using /0 implies that the Neutron port is responsible for all of those addresses. So if you allow traffic from that Neutron port, it allows traffic from /0. The router
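
Added example, not part of the thread and not Neutron's own code: an audit over port and security group rule records that reports rules whose remote_group_id names a group containing a port with an overly broad allowed address pair. It assumes, following the reply above, that allowing traffic from a group allows it from every address its member ports claim; the prefix thresholds, IDs and sample records are constructed for illustration.

```python
import ipaddress

# Assumed policy: pairs with a shorter prefix than this are "too broad".
MIN_PREFIX = {4: 24, 6: 64}

def broad_pairs(port):
    """Return the allowed_address_pairs networks on a port that exceed policy."""
    found = []
    for pair in port.get("allowed_address_pairs", []):
        net = ipaddress.ip_network(pair["ip_address"], strict=False)
        if net.prefixlen < MIN_PREFIX[net.version]:
            found.append(net)
    return found

def widened_rules(ports, rules):
    """List (rule_id, port_id, cidr) for remote-group rules widened by a broad pair."""
    findings = []
    for port in ports:
        nets = broad_pairs(port)
        if not nets:
            continue
        member_of = set(port.get("security_groups", []))
        for rule in rules:
            # Only rules that trust a group this port belongs to are affected.
            if rule.get("remote_group_id") not in member_of:
                continue
            want = 4 if rule.get("ethertype", "IPv4") == "IPv4" else 6
            for net in nets:
                if net.version == want:
                    findings.append((rule["id"], port["id"], str(net)))
    return findings

# Constructed sample records using Neutron API field names.
PORTS = [
    {"id": "port-router", "security_groups": ["sg-routers"],
     "allowed_address_pairs": [{"ip_address": "0.0.0.0/0"}]},
    {"id": "port-vip", "security_groups": ["sg-web"],
     "allowed_address_pairs": [{"ip_address": "10.0.0.50"}]},
]
RULES = [
    {"id": "rule-db", "security_group_id": "sg-db", "direction": "ingress",
     "ethertype": "IPv4", "remote_group_id": "sg-routers"},
    {"id": "rule-web", "security_group_id": "sg-app", "direction": "ingress",
     "ethertype": "IPv4", "remote_group_id": "sg-web"},
    {"id": "rule-cidr", "security_group_id": "sg-app", "direction": "ingress",
     "ethertype": "IPv4", "remote_group_id": None, "remote_ip_prefix": "10.0.0.0/24"},
]

if __name__ == "__main__":
    for rule_id, port_id, cidr in widened_rules(PORTS, RULES):
        print(f"{rule_id}: effectively open to {cidr} via {port_id}")
```

A single-address pair such as the VIP on port-vip is not reported; only the /0 pair on port-router turns rule-db into a rule that admits any IPv4 source.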