Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Neutron metering agent: excluding traffic based on target IP?

I'm trying to measure outbound traffic from a tenant's private network towards the public network, yet exclude that bound for a specific target on the public network (which happens to host an object storage gateway). Let:

  • source IP (on private net) = 192.168.1.4
  • target address to exclude = 10.10.0.123 (on public network 10.10.0.0/16)

Here are rules (I realize the exclude rules may not make sense but I wanted to cover all bases):

neutron meter-label-create testvm_outbound
neutron meter-label-rule-create --direction egress testvm_outbound 192.168.1.4/32
neutron meter-label-rule-create --direction egress testvm_outbound --excluded 10.10.0.123/32
neutron meter-label-rule-create --direction ingress testvm_outbound --excluded 10.10.0.123/32

This correctly catches all traffic egressing from 192.168.1.4 onto the public network but there seems to be no way to exclude traffic bound for 10.10.0.123. Is there a way to achieve this?

I'm running Kilo with Neutron VLAN-segregation. The doc (I could find) is here: http://docs.openstack.org/admin-guide-cloud/networking_adv-features.html and here https://wiki.openstack.org/wiki/Neutron/Metering/Bandwidth

Neutron metering agent: excluding traffic based on target IP?

I'm trying to measure outbound traffic from a tenant's private network towards the public network, yet exclude that bound for a specific target on the public network (which happens to host an object storage gateway). Let:

  • source IP (on private net) = 192.168.1.4
  • target address to exclude = 10.10.0.123 (on public network 10.10.0.0/16)

Here are rules (I realize the exclude rules may not make sense but I wanted to cover all bases):

neutron meter-label-create testvm_outbound
neutron meter-label-rule-create --direction egress testvm_outbound 192.168.1.4/32
neutron meter-label-rule-create --direction egress testvm_outbound --excluded 10.10.0.123/32
neutron meter-label-rule-create --direction ingress testvm_outbound --excluded 10.10.0.123/32

This correctly catches all traffic egressing from 192.168.1.4 onto the public network but there seems to be no way to exclude traffic bound for 10.10.0.123. Is there a way to achieve this?

I'm running Kilo with Neutron VLAN-segregation. The doc (I could find) is here: http://docs.openstack.org/admin-guide-cloud/networking_adv-features.html and here https://wiki.openstack.org/wiki/Neutron/Metering/Bandwidth