Revision history [back]

click to hide/show revision 1
initial version

Why does the controller have a linux bridge interface on the public network?

Following the RHEL 7 Liberty install docs, which are EXCELLENT by the way. Does the controller have to be bridged on the public interface? For security reasons we would want the controller exposed at all to the public facing or customer facing networks. Is this really neccesary? THANKS!! Configure the Linux bridge agentĀ¶

The Linux bridge agent builds layer-2 (bridging and switching) virtual networking infrastructure for instances including VXLAN tunnels for private networks and handles security groups.

Edit the /etc/neutron/plugins/ml2/linuxbridge_agent.ini file and complete the following actions:

    In the [linux_bridge] section, map the public virtual network to the public physical network interface:

    [linux_bridge]
    physical_interface_mappings = public:PUBLIC_INTERFACE_NAME

    Replace PUBLIC_INTERFACE_NAME with the name of the underlying physical public network interface.

Props again for the EXCELLENT DOCUMENTATION!!

Why does the controller have a linux bridge interface on the public network?

Following the RHEL 7 Liberty install docs, which are EXCELLENT by the way. Does the controller have to be bridged on the public interface? For security reasons we would not want to have the controller exposed at all to the public facing or customer facing networks. Is this really neccesary? necessary? THANKS!! Configure the Linux bridge agentĀ¶

The Linux bridge agent builds layer-2 (bridging and switching) virtual networking infrastructure for instances including VXLAN tunnels for private networks and handles security groups.

Edit the /etc/neutron/plugins/ml2/linuxbridge_agent.ini file and complete the following actions:

    In the [linux_bridge] section, map the public virtual network to the public physical network interface:

    [linux_bridge]
    physical_interface_mappings = public:PUBLIC_INTERFACE_NAME

    Replace PUBLIC_INTERFACE_NAME with the name of the underlying physical public network interface.

Props again for the EXCELLENT DOCUMENTATION!!