Ask Your Question
0

Is there a way to send information from a booted instance to neutron server ?

asked 2013-12-31 02:15:02 -0500

anonymous user

Anonymous

updated 2014-01-22 15:12:55 -0500

Evgeny gravatar image

Hello,

I'd like to know that is there a way for the booted instance to send network related data to the neutron server. For example, if i boot an instance and install a Network Intrusion detection system (NIDS) and will it be possible to send the information such as source IP address, source Port to the neutron server in case of an attack or malicious traffic.

The above case is too specific but what i want to know is that is there any way in which the instance can make contact with the neutron server to send some instance related information. Even if there is no implemented API for this it is alright :). I'd just like to know whether such an operation is possible and if so then how would it be done.

Thank you.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2013-12-31 11:06:27 -0500

SamYaple gravatar image

You will have to route it back as if it was coming from the external network. Treat it as an external computer and use normal methods to get it to work. Scripted api calls or ssh and iptable commands to neutrons external address.

Neutrons entire job is to get data from the VMs internal network to the external network as isolated as possible, without the guest knowing how abstracted from the external network it really is.

It also presents a potential for a very easy DoS attack if a guest can tell Neutron what to block directly.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2013-12-31 02:15:02 -0500

Seen: 38 times

Last updated: Dec 31 '13