Thank you Mark for the answer. andrey On 29.09.2014 18:31, Mark McClain wrote: > > On Sep 29, 2014, at 7:09 AM, Andrey Epifanov <aepifanov at mirantis.com > <mailto:aepifanov at mirantis.com>> wrote: > >> Hi All, >> >> I started working on the the >> https://bugs.launchpad.net/neutron/+bug/1339028 >> and realized that we have the same issue with other connected >> resources in Neutron. > > The is a bug in how we’re implementing the logic to manage routes on > the router instance in the l3-agent implementation. There are other > implementations of the logical router that do not need this restriction. > >> >> The problem is that we have API for the modification of any resources >> without >> limitations, for example, we can modify Router IP and connected to >> this subnet >> VMs never will know about it and lose the default router. The same >> situation >> with routes and IP for DHCP/DNS ports. >> >> https://bugs.launchpad.net/neutron/+bug/1374398 >> https://bugs.launchpad.net/neutron/+bug/1267310 > > I don’t see any of these as a bug. If tenant wants to make changes to > their network (even ill advised ones), we should allow it. > Restricting these API operations to admin’s means we’re inhibiting > users from making changes that could be regular maintenance operations > of a tenant. > > mark > > > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev at lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20141002/97efa9de/attachment.html>