not in progress anymore, this is more of a feature request then a bug
** Changed in: nova
Status: In Progress => Opinion
** Changed in: nova
Assignee: Bernhard M. Wiedemann (ubuntubmw) => (unassigned)
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1187397
Title:
nova-network allows all outgoing traffic
Status in OpenStack Compute (Nova):
Opinion
Bug description:
Having a cloud running with nova-network by default allows all outgoing
traffic.
While you can restrict access to the internet, there is no easy way to
restrict VM access to private cloud infrastructure IP addresses.
For reference, this was tracked for essex-based SUSE Cloud 1.0
https://bugzilla.novell.com/show_bug.cgi?id=777488
filed on 2012-08-27
VMs route all their traffic
through their host's IP in the nova_fixed network
Since we have asymmetric routing,
it is not enough to disable forwarding
on the interface used for the admin network
because replies come in through a different interface.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1187397/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
