Hi Chen,
You are correct. Basically, for large deployments it is better we get around the default security group (which is cyclic) and use a custom security group with appropriate to derive the same fuctionality as that of a default security group.
Also, introduction of IpSet might bring in good results in this area. Do look at this blueprint https://blueprints.launchpad.net/neutron/+spec/add-ipset-to-security which is working on the same.
Thanks, Sudhakar
Hi Chen,
You are correct. Basically, for large deployments it is better we get around the default security group (which is cyclic) and use a custom security group with appropriate to derive the same fuctionality as that of a default security group.
Also, introduction of IpSet might bring in good results in this area. Do look at this blueprint https:/ /blueprints. launchpad. net/neutron/ +spec/add- ipset-to- security which is working on the same.
Thanks,
Sudhakar