cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Prasanna Santhanam <...@apache.org>
Subject Re: [Discuss] Apply rules on Virtual Router
Date Tue, 23 Jul 2013 11:57:04 GMT
On Mon, Jul 22, 2013 at 08:52:34PM +0700, Nguyen Anh Tu wrote:
> 
> While working with L3 network services, I found a problem in the process of
> applying iptables rules. It currently works not good in my opinion. When
> you apply a new rule (eg. StaticNat or Egress rule), Virtual Router backups
> old rules and re-apply all of non-revoked rules related to source IP on the
> new rule, including this one. It causes a slow, especially when you have a
> lot of running rules. When you delete a rule, the process happens in the
> same. The deleting rule is marked as "revoked", so it doesn't appear in the
> list. I think we should have a better approach.
> 

I'd like this: but know not how java can do this or what is involved:

Do you propose a diff based solution where we incrementally apply the
new set of rules? Also, do you think this can be done for any
configuration within the VR not just iptable rules?


-- 
Prasanna.,

------------------------
Powered by BigRock.com


Mime
View raw message