Awesome! Hope it reaches Juno! :-)
This is important...
Best,
Thiago
On 16 September 2014 13:17, Carl Baldwin wrote:
> Hi,
>
> There is current work in review to use conntrack to terminate these
> connections [1][2] much like you suggested. I hope to get this in to
> RC1 but it needs another
Now there is already a bug:https://bugs.launchpad.net/neutron/+bug/1334926 for
this problem, meanwhile the security group also has same problem, I have report
a bug:
https://bugs.launchpad.net/neutron/+bug/1335375
在 2014-09-16 01:46:11,"Martinx - ジェームズ" 写道:
Hey stackers,
Let me ask so
Hi,
There is current work in review to use conntrack to terminate these
connections [1][2] much like you suggested. I hope to get this in to
RC1 but it needs another iteration.
For Kilo, I'd like to explore stateless forwarding for floating ips.
Since conntrack is the root of the security issue
Hey stackers,
Let me ask something about this... Why not use Linux Conntrack Table at
each Tenant Namespace (L3 Router) to detect which connections were
made/established over a Floating IP ?
Like this, on the Neutron L3 Router:
--
apt-get install conntrack
ip netns exec qrouter-09b72faa-a5ef-4a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Disassociating floating IPs does not terminate NAT connections with
Neutron L3 agent
- ---
### Summary ###
Every virtual instance is automatically assigned a private IP address.
You may optionally assign public IP addresses to instances. OpenStack
use
