[Openstack] Stop external network to reach instances (Was: Reaching VXLAN tenant networks from outside (without floating IPs))
Turbo Fredriksson
turbo at bayour.com
Wed Jul 6 11:29:48 UTC 2016
Ok, I managed to get this working as well. Was quite
simple actually.
But how do I _STOP_ this from happening?? If there's a root
user on the [local] network, they can simply add that route.
But in some cases I'd like to make sure that this DOESN'T work!
Is there some configuration I can do in either the router or
in Openstack to make sure that traffic from the outside can't
be routed in to the instance(s)?
I'd like that to happen ONLY if there's a floating IP for the
host..
More information about the Openstack
mailing list