...
| Note |
|---|
At this time it is not possible to attach a router to the "default" network. Unfortunately there is not an easy way of bridging self-service networks to the public Internet. This is currently in development and we will send a notification when this feature is available. |
Egress Rules and Security Groups
If you create a security group, by default it will be empty and not permit any traffic in or out. The default security group contains several rules to allow your instance to connect to the outside world that we strongly recommend adding to any security group you create if you do not plan on also including the default security group. Certain services (such as the metadata service for ssh key injection, and obtaining your IPv6 address require outbound access in order to function correctly).
Using the Command Line Tools, you can add these rules as follows:
| Code Block |
|---|
openstack security group rule create --egress --protocol any --ethertype IPv6 <security group name>
openstack security group rule create --egress --protocol any --ethertype IPv4 <security group name>
# Optionally - allow all within each instance in the group
openstack security group rule create --ingress --protocol any --ethertype IPv6 --remote-group <security group name> <security group name>
openstack security group rule create --ingress --protocol any --ethertype IPv4 --remote-group <security group name> <security group name> |