[openstack-dev] [quantum] Security groups egress default behaviour
Dan Wendlandt
dan at nicira.com
Mon Mar 4 04:21:44 UTC 2013
On Sun, Mar 3, 2013 at 7:51 PM, Tomoe Sugihara <tomoe at midokura.com> wrote:
> On Wed, Feb 27, 2013 at 12:36 PM, Tomoe Sugihara <tomoe at midokura.com>wrote:
>
>> Hi,
>>
>> I failed to ask another question. In quantum's SG rule, there's
>> source_ip_prefix for both directions while Amazon VPC SG has source prefix
>> for inbound and destination for outbound respectively. Is that designed
>> model or oversight?
>>
>
> How about this point? Is this current model good to go in Grizzly?
>
With security groups, the IP prefix or the security_group_id should already
refer to the "remote" prefix (i.e., source for inbound rules, destination
for egress). We had a naming discussion on the list about this a while
back, though I'd defer to Aaron or Akihiro to comment on the outcome.
Let's chat about this more at the team meeting monday (feel free to file a
bug to track this discussion item. thanks).
Dan
>
> Tomoe
>
>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Dan Wendlandt
Nicira, Inc: www.nicira.com
twitter: danwendlandt
~~~~~~~~~~~~~~~~~~~~~~~~~~~
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130303/783e9655/attachment.html>
More information about the OpenStack-dev
mailing list