If you decide to go the iptables route, you could try neti <https://github.com/Instagram/neti> (blog post here <http://instagram-engineering.tumblr.com/post/100758229719/migrating-from-aws-to-aws> .)
On 27 October 2014 16:44, Juho Mäkinen <juho.maki...@gmail.com> wrote: > Hi! > > >> 2014-10-23 11:16 GMT+02:00 Alain RODRIGUEZ <arodr...@gmail.com>: >>> >>> We are currently wondering about the best way to configure network >>> architecture to have a Cassandra cluster multi DC. >>> >>> On solution 2, we would need to open IPs one by one on 3 ports (7000, >>> 9042, 9160) at least. 100 entries in a security group would allow us to >>> have a maximum of ~30 nodes >>> >> > You can also allow those ports from everywhere and then use local iptables > to limit the access to only those IPs which you are actually using. You'll > most certainly need some kind of configuration management system for this > (Chef, puppet, salt-stack etc). >