» » » » » Networking Option 1: Provider networks pada Compute node
Friday, 5 August 2016

Networking Option 1: Provider networks pada Compute node

Networking Option 1: Provider networks

Konfigurasi Linux bridge agent

pada linux bridge agent builds layer-2 (bridging dan switching) virtual networking infrastructure untuk instances termasuk VXLAN tunnels untuk private networks dan handles security groups.

Edit the /etc/neutron/plugins/ml2/linuxbridge_agent.ini file and complete the following actions:
nano /etc/neutron/plugins/ml2/linuxbridge_agent.ini
pada bagian [linux_bridge], map public virtual network ke public physical network interface:

[linux_bridge]
physical_interface_mappings = public:PUBLIC_INTERFACE_NAME
ganti PUBLIC_INTERFACE_NAME dengan nama interface public ( bridge / NAT ).

pada [vxlan], disable VXLAN overlay networks:
[vxlan]
enable_vxlan = False
pada [agent], enable ARP spoofing protection:
[agent]
...
prevent_arp_spoofing = True
pada bagian [securitygroup], enable security groups dan konfigurasi Linux bridge iptables firewall driver:
[securitygroup]
...
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

0 Response to "Networking Option 1: Provider networks pada Compute node"

Post a Comment

Subscribe to: Post Comments (Atom)