[Openstack] Network node's security

Clint Byrum clint at fewbar.com
Sat May 31 13:47:46 UTC 2014


Be permissive on br-ex to allow VM traffic to flow out to the internet.
Otherwise be protective of the host address that the machine listens to.

Excerpts from walterxj's message of 2014-05-31 13:46:24 +0100:
> 
> 
> 
> 
> 
> 
> hi all:  The network node(s) is the only node(s) that expose to the internet,so it's security setting is more important,So I think it needs to be protect by iptables or firewall etc.  On the other hand,network nodes control all the vm instances' network traffic,I have no ideas how to setting it's iptables rules.Is there any advices or examples to set the network node's iptables?
> 
> 
> Walter Xu




More information about the Openstack mailing list