So I'm running into a problem where two different virtual machines on the same physical host can get to each other, bypassing security groups. As a test, I have removed all rules from the default security group and created two other groups for testing (test1 and test2) that only have inbound SSH access from a client network. The hosts are on 192.168.95.0/24 and the guests' fixed addresses are on 192.168.97.0/24. I'm not doing anything with floating IPs, just strictly fixed IPs. While testing, I'm using a single controller running everything except nova-compute and a single compute host only running nova-compute.

I'm using CentOS 6.2 with OpenStack from EPEL:

python-nova-2012.1-7.el6.noarch
openstack-nova-2012.1-7.el6.noarch

nova.conf (from the compute node): http://paste.openstack.org/show/18381/
iptables -n -L: http://paste.openstack.org/show/18382/

Is there some flag I'm missing in nova.conf to stop this?