cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-4913) Disable security group for bridge mode non-security group zone
Date Tue, 26 Nov 2013 00:06:35 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-4913?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13832098#comment-13832098
] 

ASF subversion and git services commented on CLOUDSTACK-4913:
-------------------------------------------------------------

Commit d13c343cbc2eeca4140ea3f0304d4afaf23530e0 in branch refs/heads/4.3 from [~anthonyxu]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=d13c343 ]

CLOUDSTACK-4913: Don't enable ebtables/iptables for non-security group zone


> Disable security group for bridge mode non-security group zone
> --------------------------------------------------------------
>
>                 Key: CLOUDSTACK-4913
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4913
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Network Controller
>    Affects Versions: 4.2.0
>            Reporter: Sheng Yang
>            Assignee: Sheng Yang
>            Priority: Critical
>             Fix For: 4.2.1, 4.3.0
>
>
> Currently, if XenServer is switching to bridge mode, CloudStack would automatically enable
security group(apply all kinds of security group rules e.g. iptables and ebtables on it).
But at the time, it wouldn't check if the zone is security group enabled or not.
> If user want to use bridge mode with isolated network(RvR especially), it would have
trouble because security group rules would prevent broadcast from working.
> We need to stop applying security group rules if it's not security group enabled zone.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message