Both are valid depending on what you want to do In the second scenario, attaching the Vns to the router itself would enable connectivity between the Vns. A network policy could be used on top of it to selectively allow/disallow traffic
Vedu From: Users <users-boun...@lists.opencontrail.org<mailto:users-boun...@lists.opencontrail.org>> on behalf of OpenContrail Users List - 2 <users@lists.opencontrail.org<mailto:users@lists.opencontrail.org>> Reply-To: Suresh Kumar S <sureshkuma...@altencalsoftlabs.com<mailto:sureshkuma...@altencalsoftlabs.com>> Date: Friday, June 23, 2017 at 10:38 AM To: Dev <dev-boun...@lists.opencontrail.org<mailto:dev-boun...@lists.opencontrail.org>>, OpenContrail Users List - 2 <users@lists.opencontrail.org<mailto:users@lists.opencontrail.org>> Subject: [Users] Network Policy Hi, What is valid scenario to test Network Policy in opencontrail? My seup: contrail 3.2 + openstack Mitaka Scenario1: 2 Virtual Networks, 1 VM on each Virtual Network. Create a network policy which allows traffic between the virtual networks (protocol:any,action:pass, direction: <>) Attach the network policy to both virtual networks. Test the ping between the VMs. Scenario2: 2 Virtual Networks, 1 VM on each Virtual Network. Create a Router (No Gateway), attach both virtual networks Create a network policy which allows traffic between the virtual networks (protocol:any,action:pass, direction: <>) Attach the network policy to both virtual networks. Test the ping between the VMs. Which scenario is the valid one ? Thanks Suresh.
_______________________________________________ Users mailing list Users@lists.opencontrail.org http://lists.opencontrail.org/mailman/listinfo/users_lists.opencontrail.org
