Restrict access to subnet on provider network
Hi there
We have a OpenStack Newton installation, installed with Fuel.
In this we have a flat provider network, "ext_net", with 2 subnets(not actually ip's):
- subnet1 - 10.0.2.0/27
- subnet2 - 10.0.3.0/28
This works as intended. When a project allocates a floating IP, it gets one from "subnet1" or "subnet2". Once this IP is associated with a instance, the instance has access to the internet. All good.
But is there any way of restricting the access to "subnet2"(or "subnet1") on a projects base?
E.g. if I have two projects, project "foo" and project "bar". Is it then possible to setup project "foo" to only get floating IP's from "subnet1" and project "bar" to only get floating IP's from "subnet2" of "ext_net"?
Best. .Marc
Have a look at subnet service types.