There is no need to support this as the SG enforced are the ones of the members, since the source IP does not change
** Changed in: neutron Status: New => Invalid -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1949230 Title: OVN Octavia provider driver should implement allowed_cidrs to enforce security groups on LB ports Status in neutron: Invalid Bug description: Octavia can use OVN as a provider driver using it's driver framework. The OVN Octavia provider driver, part of ML2/OVN, does not implement all of the functionality of the Octavia API [1]. One feature that should be supported is allowed_cidrs. The Octavia allowed_cidrs functionality allows Octavia to manage and communicate the CIDR blocks allowed to address an Octavia load balancer. Implementing this in the OVN provider driver would allow load balancers to be only accessible from specific CIDR blocks, a requirement for customer security ina number of scenarios. [1] https://docs.openstack.org/octavia/latest/user/feature- classification/index.html#listener-api-features To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1949230/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp