cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jayapal Reddy Uradi <jayapalreddy.ur...@citrix.com>
Subject Re: Support for SecurityGroup in OpenVSwitch mode in Xenserver
Date Fri, 17 Apr 2015 13:30:53 GMT
 Hi Suresh,

Basically SG rules needs bridge mode. So in KVM also it expects bridge mode.

Thanks,
Jayapal
 
On 17-Apr-2015, at 2:33 AM, Suresh Ramamurthy <suresh.ramamurthy@nuagenetworks.net>
 wrote:

> Hi Jayapal,
> 
> Thanks a lot for the response.
> 
> From what you explained, looks like SG for KVM also expects Bridge module.
> Correct me if I am wrong.
> 
> Thanks,
> Suresh
> 
> 
> On Wed, Apr 15, 2015 at 11:36 PM, Jayapal Reddy Uradi <
> jayapalreddy.uradi@citrix.com> wrote:
> 
>> Hi Suresh,
>> 
>> Yes, for security groups expects network mode 'bridge' for xenserver.
>> This is because the security group rules  iptables/ebatables in host
>> filters on the bridge interfaces.
>> 
>> Please look at how we can achieve host level isolation of VM traffic for
>> SG using openVswitch.
>> 
>> Thanks,
>> Jayapal
>> 
>> On 16-Apr-2015, at 10:14 AM, Suresh Ramamurthy <
>> suresh.ramamurthy@nuagenetworks.net>
>> wrote:
>> 
>>> Hi Security Group Experts,
>>> 
>>> I am trying to play with SecurityGroup in XenServer setup.
>>> 
>>> When I looked at the latest 4.5 code I found that the code expects Bridge
>>> module to be present in Xenserver.
>>> 
>>> Is that true? Is Security Group supported using OpenVSwitch in Xenserver?
>>> 
>>> Thanks,
>>> Suresh
>> 
>> 


Mime
View raw message