<div dir="ltr">In that case, you probably need the RBAC features in Mitaka.</div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Oct 5, 2016 at 6:11 AM, Saverio Proto <span dir="ltr"><<a href="mailto:zioproto@gmail.com" target="_blank">zioproto@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">> Alternatively, you could drop the 'external' attribute and attach your<br>
> instances directly to the provider network (no routers or private networks).<br>
<br>
</span>I can't. Because in my network design I do not have all the compute<br>
nodes on a common L2 segment.<br>
I have a l3 fabric between the compute nodes. So I cant just bridge<br>
the provider network to the physical interface of any compute node.<br>
<br>
I need the traffic to get to the network node, and there I can access<br>
the provider network.<br>
<br>
For a complete L2 setup I am investigating the L2-gw plugin<br>
<span class="HOEnZb"><font color="#888888"><br>
Saverio<br>
</font></span></blockquote></div><br></div>