guest to hypervisor traffic is unfiltered
Running CentOS 6.5/Havana using nova-network
network_manager = nova.network.manager.VlanManager
bridge_interface=bond0
vlan_interface=bond0
update_dns_entries=True
share_dhcp_address=True
multi_host=True
send_arp_for_ha=True
Services running on the hypervisor are accessible from any guest running on it through the IP associated with the bridge interface (where dnsmasq listens). Should there be a filter to drop any traffic other than DHCP, DNS and metadata?
[dmartls1@workstation ~]# nova network-show 56717f84-1762-4b51-a2ee-0ddab40ae50e | grep gateway
| gateway | 10.11.63.254 |
[root@guest1 ~]# telnet 10.11.63.254 22
Trying 10.11.63.254...
Connected to 10.11.63.254.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.3
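A filter of the kind asked about above could look like the following. This is an added illustration, not part of the original report and not nova's own code. The bridge name br100, the chain name GUEST-TO-HOST and the metadata port 8775 (nova's default metadata_port) are assumptions.

```shell
#!/bin/sh
# Added illustration: print (do not apply) iptables filter-table rules that
# limit what guests on a nova-network bridge can reach on the hypervisor.
# Only INPUT is touched, so traffic the host forwards for guests
# (multi_host gateway role) is unaffected. ICMP to the gateway IP is dropped.

guest_to_host_rules() {
    bridge="$1"                      # assumed name, e.g. br100
    metadata_port="${2:-8775}"       # assumed: nova default metadata_port
    chain="GUEST-TO-HOST"            # hypothetical chain name

    # Reject empty names and anything outside a conservative character set
    case "$bridge" in
        ''|*[!A-Za-z0-9_.-]*) echo "invalid bridge name" >&2; return 1 ;;
    esac

    echo "-N $chain"
    # Replies to connections the hypervisor itself opened towards guests
    echo "-A $chain -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # DHCP requests to dnsmasq
    echo "-A $chain -p udp --sport 68 --dport 67 -j ACCEPT"
    # DNS queries to dnsmasq
    echo "-A $chain -p udp --dport 53 -j ACCEPT"
    echo "-A $chain -p tcp --dport 53 -j ACCEPT"
    # Metadata API, as seen after the DNAT from 169.254.169.254:80
    echo "-A $chain -p tcp --dport $metadata_port -j ACCEPT"
    # Everything else from guests to the host (SSH included) is dropped
    echo "-A $chain -j DROP"
    # Hook last, so the chain is complete before INPUT jumps to it
    echo "-I INPUT -i $bridge -j $chain"
}

# Returns 0 if a new connection from a guest to <proto>/<dport> on the host
# matches an ACCEPT rule above (source-port conditions are ignored here).
guest_port_allowed() {
    guest_to_host_rules "$1" | grep -q -- "-p $2 .*--dport $3 -j ACCEPT"
}

guest_to_host_rules br100
```

The printed lines are in iptables-save syntax for the filter table; review them against the host's existing rules before loading them.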