[Openstack] how to forbid the instances communicating on the same host but different bridges and vlans?
romi zhang
romizhang1968 at 163.com
Fri Jun 1 08:38:48 UTC 2012
Hi,
I use following command to create 2 NICs for the instances of adminTenant
and 1 NICs for aipuTenant:
nova-manage network create --label=admin_web --fixed_range_v4=192.168.2.0/28
--num_networks=1 --vlan=200 --bridge=br200 --bridge_interface=eth1
--network_size=16 --multi_host=T
--project_id=5f9281bca6854fe3974a457d81afd78c
nova-manage network create --label=admin_ssl
--fixed_range_v4=192.168.21.0/28 --num_networks=1 --vlan=201 --bridge=br201
--bridge_interface=eth2 --network_size=16 --multi_host=T
--project_id=5f9281bca6854fe3974a457d81afd78c
nova-manage network create --label=aipu_web --fixed_range_v4=192.168.3.0/28
--num_networks=1 --vlan=300 --bridge=br300 --bridge_interface=eth1
--network_size=16 --multi_host=T
--project_id=ee29f5730caa40958bf4812a0fbec3d9
But the result is:
1. the instance of admin03(192.168.2.3 192.168.21.3,belong
adminTenant) could successfully ping aipu01(192.168.3.3,belong aipuTenant)
on the same compute node(NC01,network+compute service) .
2. Of course,admin03 could not ping successfully aipu03(192.168.3.6)
on the another compute node(NC02,network+compute service).
Is there a way or setting to forbid the IP touching between the instances of
different tenant in different bridges and VLANs on the same compute node?
Romi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120601/570c9cc4/attachment.html>
More information about the Openstack
mailing list