Hi, If they're in the same subnet, they won't go through a firewall to reach each other. I'd imagine this is expected.
Cheers, On Thu, 2012-06-07 at 10:00 -0400, Mitchell Broome wrote: > So I'm running into a problem where two different virtual machines on > the same physical host can get to each other bypassing security > groups. As a test, I have removed all rules from the default security > group and created two other groups for testing (test1 and test2) that > only have inbound ssh access from a client network. The hosts are on > 192.168.95.0/24 and the guest's fixed addresses are on > 192.168.97.0/24. I'm not doing anything with floating ips, just > strictly fixed ips. While testing, I'm using a single controller > running everything except nova-compute and a single compute host only > running nova-compute. > > I'm using centos 6.2 with openstack from epel: > python-nova-2012.1-7.el6.noarch > openstack-nova-2012.1-7.el6.noarch > > > nova.conf (from the compute node): > http://paste.openstack.org/show/18381/ > > iptables -n -L: > http://paste.openstack.org/show/18382/ > > Is there some flag I'm missing in nova.conf to stop this? > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp -- Stephen Gran Senior Systems Integrator - The Guardian Please consider the environment before printing this email. ------------------------------------------------------------------ Visit guardian.co.uk - newspaper of the year www.guardian.co.uk www.observer.co.uk www.guardiannews.com On your mobile, visit m.guardian.co.uk or download the Guardian iPhone app www.guardian.co.uk/iphone To save up to 30% when you subscribe to the Guardian and the Observer visit www.guardian.co.uk/subscriber --------------------------------------------------------------------- This e-mail and all attachments are confidential and may also be privileged. If you are not the named recipient, please notify the sender and delete the e-mail and all attachments immediately. Do not disclose the contents to another person. You may not use the information for any purpose, or store, or copy, it in any way. Guardian News & Media Limited is not liable for any computer viruses or other material transmitted with or as part of this e-mail. You should employ virus checking software. Guardian News & Media Limited A member of Guardian Media Group plc Registered Office PO Box 68164 Kings Place 90 York Way London N1P 2AP Registered in England Number 908396 _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
