Just started installing icehouse from documentation provided on . i'm a little confused at the beginning of the documentation, setting up networking. I opted for the neutron deployment, but instead of using 3 nodes, i will collocate controller node and network node services into one single node. I have 5 nodes available, each with 6 eth. So here comes my problem. I followed instructions from chapter 2 on setting up network on the nodes. It sais on the controller node there is one network, management network, on the compute node there are 2 separate networks, one management and one tunnel network. On the network node there is one management network, one tunnel netowrk and one external network left unnumbered, in promiscuous mode. After making the necessary changes to the nodes the next step is to verify connection between the nodes, that works just fine, and connection to the internet. Here is my problem. What network should be connected to the internet? The only one that is present on all nodes is the management network, so should i enable internet acces to this network?

Yes. Ideally, the internet should be accessible from the Management network. The Management Network itself should not be accessible from outside the main network, for example, the corporate LAN. The "tunnel" network you mention is between Network nodes and the Compute nodes. In your case, The Controller-cum-Network node and the Compute nodes. This network should not be reachable even by the Management network ... ideally.

Hi...Thanks...i understood the basics...the tunnel network is for VMs to communicate with the external network. So, as i thought, the management network should have access to the internet but with all incoming ports closed so it could not be reached from the exterior. Thanks again for clearing that up for me!

