incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Cahill <dcah...@midokura.com>
Subject Re: Virtual Router Network Service Restrictions
Date Wed, 13 Mar 2013 01:46:24 GMT
Hi Sheng,

CCing you in case this slipped through first time around in the flood of
cloudstack-dev mail. :)

Joe explains more below, but the core of this is if you look at
VirtualRouterElement.verifyServicesCombination():

        if (!services.contains(Service.SourceNat)) {
            if (services.contains(Service.StaticNat) ||
services.contains(Service.Firewall) || services.contains(Service.Lb) ||
                    services.contains(Service.PortForwarding) ||
services.contains(Service.Vpn)) {
<snip>
                s_logger.warn("Virtual router can't enable services " +
servicesList + " without source NAT service");
<snip>

It looks like this restriction came in with a commit of yours
(46a12b378c288d27d86c9c885534f1309fee0f63), and we're not sure why the
restriction exists - could you give us some background?

Thanks,
Dave.





On Mon, Mar 4, 2013 at 12:17 PM, Mills, Joseph <joe@midokura.jp> wrote:

> Hi Sheng,
>
> I was looking into possible plugin combinations with the Virtual Router
> network service provider, and I saw the restriction that VPN, LB, Firewall,
> PortForwarding, and Static NAT on the VirtualRouter all require that the
> VirtualRouter also be the Source NAT service provider. I am hoping to be
> able to change this to create a network service offering that could (for
> example) use the VirtualRouter for VPN, but Midonet for everything else.
>
> What was the initial reason for requiring Source NAT on the VirtualRouter
> for service like VPN or LB? Is it possible to remove these restrictions?
>
> Thanks,
> Joe
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message