We use FlatDHCP network mode, all thing work fine, instance has 10.0.0.x ip and 10.0.0.1 as gateway Our problem is that service(most time compute node) has little restrict from instance, which instance can see a lot opened port on service, I am thinking if this is a security problem restrict service on compute node not listen on 10.0.0.x ip is the way I can thing to solve this, any other ways? Thanks -- William Herry ==================== WilliamHerryChina at Gmail.com -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120601/1db598b4/attachment.html>