midokura / neutron

Quantum is a virtual network service for OpenStack, and a part of Netstack.
http://openstack.org
Apache License 2.0

Metadata port uses IP address on public network #28

Closed admytren closed 11 years ago

admytren commented 11 years ago

Observed this issue with a Grizzly/MidoNet 1.1 deployment. A public network creates DHCP ports for the metadata service and assigns public IP addresses to them. This causes public IP addresses to be wasted.

rossella commented 11 years ago

This is an issue for Neutron. The plugin receives the IP from Neutron server.

admytren commented 11 years ago

That is weird. A DHCP service running on an external network can cause all kinds of headaches in administration, while a metadata service accessible from an external network could cause a security problem. Is there an OpenStack issue filed about this problem?

rossella commented 11 years ago

Not that I know of. The DHCP agent takes the first available address in the subnet. It doesn't really care if it's public or not. That's what I can see from the code.

rossella commented 11 years ago

Closing this, there's nothing we can do in the plugin...
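
An added example, not part of the thread or of the plugin's code: an audit that flags DHCP agent ports holding addresses on external networks, the condition reported in this issue. It assumes the inputs are the JSON lists returned by the Neutron API for networks, subnets and ports; the sample records, IDs and addresses below are constructed.

```python
# Constructed sample data shaped like Neutron API responses
# (GET /v2.0/networks, /v2.0/subnets, /v2.0/ports). All IDs are made up.
NETWORKS = [
    {"id": "net-ext", "name": "public", "router:external": True},
    {"id": "net-int", "name": "private", "router:external": False},
]
SUBNETS = [
    {"id": "sub-ext", "network_id": "net-ext",
     "cidr": "203.0.113.0/24", "enable_dhcp": True},
    {"id": "sub-int", "network_id": "net-int",
     "cidr": "10.0.0.0/24", "enable_dhcp": True},
]
PORTS = [
    {"id": "p1", "network_id": "net-ext", "device_owner": "network:dhcp",
     "fixed_ips": [{"subnet_id": "sub-ext", "ip_address": "203.0.113.2"}]},
    {"id": "p2", "network_id": "net-int", "device_owner": "network:dhcp",
     "fixed_ips": [{"subnet_id": "sub-int", "ip_address": "10.0.0.2"}]},
    {"id": "p3", "network_id": "net-ext",
     "device_owner": "network:router_gateway",
     "fixed_ips": [{"subnet_id": "sub-ext", "ip_address": "203.0.113.3"}]},
]


def audit_external_dhcp(networks, subnets, ports):
    """Return one finding per address a DHCP port holds on an external network."""
    external = {n["id"]: n["name"] for n in networks if n.get("router:external")}
    subnet_by_id = {s["id"]: s for s in subnets}
    findings = []
    for port in ports:
        # Only DHCP agent ports on networks marked external are of interest.
        if port.get("device_owner") != "network:dhcp":
            continue
        if port.get("network_id") not in external:
            continue
        for fixed_ip in port.get("fixed_ips", []):
            subnet = subnet_by_id.get(fixed_ip.get("subnet_id"), {})
            findings.append({
                "port_id": port["id"],
                "network": external[port["network_id"]],
                "ip_address": fixed_ip.get("ip_address"),
                "cidr": subnet.get("cidr"),
                "subnet_dhcp_enabled": bool(subnet.get("enable_dhcp")),
            })
    return findings


if __name__ == "__main__":
    for finding in audit_external_dhcp(NETWORKS, SUBNETS, PORTS):
        print(finding)
```
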