[openstack-dev] Advice on a Neutron ACL kludge

Rich Wellner rkw at objenv.com
Thu Apr 9 16:06:30 UTC 2015

On 4/9/15 8:08 AM, Neil Jerram wrote:
> I think that people often mean different things by ACLs, so can you be
> more precise?
Yeah, you're absolutely right.

What we are trying to do is really simple. We run an HPC facility and 
some of our workload needs port mapping and some needs public IP 
routing. Currently we use static iptables rules to manage this, but 
obviously that means a human is in the loop when things need to change. 
We are trying to get to a point where our switches are reconfigured on 
the fly when VMs are provisioned.


