Isolation without secgroup on nova-network & vSphere

asked 2014-09-02 11:47:17 -0500

Hi all,

I'm back with another edge-bending problem for the community. Since I'm using nova-network (VlanManager mode) with vSphere, I don't have any support for Security Groups, and hence I can't have any isolation without touching iptables, which leads to my question:

What could be a good iptables policy to isolate each VLAN?

Not looking for a complete configuration here; drafts and ideas would be fine.


