cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wido den Hollander <>
Subject Dummy SecurityGroup Provider for VXLAN/VLAN in Advanced Networking
Date Fri, 07 Dec 2018 12:39:56 GMT

I'm looking into this setup:

Advanced zone with VXLAN

- Guest Network 1: Network Offering with SG
- Guest Network 2: Network Offering WITHOUT SG

This doesn't work as the zone has SG enabled and thus all guest networks
require SG.

I wonder why each Guest Networks needs to have SG enabled. For KVM for
example it shouldn't be a technical requirement. As VXLAN (or even
VLANs) provide the isolation between different networks you should be
able to have one network with SG and the other without SG.

Does anybody know why each Guest network needs SG?

Now, I was thinking about creating 'DummySecurityGroupProvider' which
says 'true' to everything you ask it, but in reality doesn't do
anything. This way you could use that provider in a network offering and
work around this.

Would that make sense to people?


View raw message