Hi, Ben, I has implemented this feature based on neutron, it's now supported two backends: iptables and LVS. You may want to take a look at the code: https://github.com/liyingjun/neutron/tree/port-nat-support
Any feedback is welcome. Yingjun 2013/8/5 Salvatore Orlando <sorla...@nicira.com> > Hi Ben, > > The closest the thing to what you want to achieve is the Floating IP, but, > as you say, this will not allow for fine-grained control over ports; so you > won't be able, for instance, to expose only port 443 of an internal IP. > > However, this is not in the Havana roadmap at the moment - but this surely > is something that can be discussed for the Icehouse release. > This could be implemented as an independent API extension, but could > actually be implemented by both the FWaaS agent and the L3 agent. This > decision will depend on the route we choose for service agents, which is > being discussed at the moment. > > For the time being you might try and use the LBaaS extension with pools > consistuted by a single service. > > Salvatore > > > > > On 4 August 2013 20:40, Ben Firshman <b...@firshman.co.uk> wrote: > >> Hi all, >> >> I have a large number of small VMs on Quantum internal networks. I'm >> trying to find a way to expose services externally without having to attach >> a whole IPv4 address to each machine. >> >> I'm basically looking for a way to NAT external addresses and ports to >> internal addresses and ports. (TCP/UDP ports that is.) The upcoming FWaaS >> seems to give more fine-grained control over iptables rules, but not NAT it >> seems. >> >> Perhaps this could be part of FWaaS? Perhaps some kind of separate NATing >> service? >> >> Thanks, >> >> Ben >> >> >> >> _______________________________________________ >> Mailing list: >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >> Post to : openstack@lists.openstack.org >> Unsubscribe : >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >> > > > _______________________________________________ > Mailing list: > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack@lists.openstack.org > Unsubscribe : > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > >
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
