Ask Your Question
0

Is there a way to send information from a booted instance to neutron server ?

asked 2013-12-31 02:15:02 -0500

anonymous user

Anonymous

updated 2014-01-22 15:12:55 -0500

Evgeny gravatar image

Hello,

I'd like to know that is there a way for the booted instance to send network related data to the neutron server. For example, if i boot an instance and install a Network Intrusion detection system (NIDS) and will it be possible to send the information such as source IP address, source Port to the neutron server in case of an attack or malicious traffic.

The above case is too specific but what i want to know is that is there any way in which the instance can make contact with the neutron server to send some instance related information. Even if there is no implemented API for this it is alright :). I'd just like to know whether such an operation is possible and if so then how would it be done.

Thank you.

edit retag flag offensive close merge delete
add a comment

1 answer

Sort by ยป oldest newest most voted
0

answered 2013-12-31 11:06:27 -0500

SamYaple gravatar image

You will have to route it back as if it was coming from the external network. Treat it as an external computer and use normal methods to get it to work. Scripted api calls or ssh and iptable commands to neutrons external address.

Neutrons entire job is to get data from the VMs internal network to the external network as isolated as possible, without the guest knowing how abstracted from the external network it really is.

It also presents a potential for a very easy DoS attack if a guest can tell Neutron what to block directly.

edit flag offensive delete link more
add a comment

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2013-12-31 02:15:02 -0500

Seen: 49 times

Last updated: Dec 31 '13

Related questions

Deleting Network with Python httplib2 doesn't work?

How to pass the auth token and use it with python API?

Router External Gateway DOWN

Cause for strange network config?

Assigning an IPv6 /64 range to a VM

cannot ping 203.0.113.101 icehouse

how to start with openstack code?

Error populating neutron database

How to remove subnet in dhcp agent

Why is openstack still using api version v2 and not v3 for api endpoints?