dmartls1's profile - activity

2014-11-18 16:25:27 -0600 received badge  Supporter (source)
2014-05-01 13:21:08 -0600 received badge  Popular Question (source)
2014-04-25 02:51:16 -0600 received badge  Nice Question (source)
2014-04-24 01:05:40 -0600 received badge  Student (source)
2014-04-23 17:27:20 -0600 asked a question guest to hypervisor traffic is unfiltered

Running CentOS 6.5/Havana using nova-network

network_manager = nova.network.manager.VlanManager
bridge_interface=bond0
vlan_interface=bond0
update_dns_entries=True
share_dhcp_address=True
multi_host=True
send_arp_for_ha=True

Services running on the hypervisor are accessible from any guest running on it through the IP associated with the bridge interface (where dnsmasq listens). Should there be a filter to drop any traffic other than dhcp, dns and metadata?

[dmartls1@workstation ~]# nova network-show 56717f84-1762-4b51-a2ee-0ddab40ae50e | grep gateway
| gateway             | 10.11.63.254                         |

[root@guest1 ~]# telnet 10.11.63.254 22
Trying 10.11.63.254...
Connected to 10.11.63.254.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.3