search

redhat-openstack / tripleo-quickstart

Ansible roles for setting up TripleO virtual environments and building images
16 stars 15 forks source link

Default undercloud control plane network violates rfc5737 #52

Closed admiyo closed 8 years ago

admiyo commented 8 years ago

The default control plan is 192.0.2.0/24 which is not supposedto be used, it is only for documentation purposes according to rfc5737:

https://tools.ietf.org/html/rfc5737

"Addresses within the TEST-NET-1, TEST-NET-2, and TEST-NET-3 blocks SHOULD NOT appear on the public Internet and are used without any coordination with IANA or an Internet registry [RFC2050]. Network operators SHOULD add these address blocks to the list of non- routeable address spaces, and if packet filters are deployed, then this address block SHOULD be added to packet filters.

These blocks are not for local use, and the filters may be used in both local and public contexts."

It breaks tools that enforce the filters.

trown commented 8 years ago

This default is inherited from instack-undercloud. We should fix it there.

We can open bugs on instack-undercloud here: https://bugs.launchpad.net/tripleo