Comment 3 for bug 1188067

In the months since this was opened there's been some progress on the "be careful" front by way of https://review.openstack.org/#/c/100151/ - in which we defined a spec for having a "public" vip for the public services. This makes controlling access to the services much easier as there's a clear separation.

More recently we've also noticed cases where other services (particularly dnsmasq) listen on the public interface and can be used for things like dns-amplification attacks. This is suboptimal, but it seems as though the "be careful" strategy should be useful here too.