Hi Sheng,
CCing you in case this slipped through first time around in the flood of
cloudstack-dev mail. :)
Joe explains more below, but the core of this is if you look at
VirtualRouterElement.verifyServicesCombination():
if (!services.contains(Service.SourceNat)) {
if (services.contains(Service.StaticNat) ||
services.contains(Service.Firewall) || services.contains(Service.Lb) ||
services.contains(Service.PortForwarding) ||
services.contains(Service.Vpn)) {
<snip>
s_logger.warn("Virtual router can't enable services " +
servicesList + " without source NAT service");
<snip>
It looks like this restriction came in with a commit of yours
(46a12b378c288d27d86c9c885534f1309fee0f63), and we're not sure why the
restriction exists - could you give us some background?
Thanks,
Dave.
On Mon, Mar 4, 2013 at 12:17 PM, Mills, Joseph <j...@midokura.jp> wrote:
> Hi Sheng,
>
> I was looking into possible plugin combinations with the Virtual Router
> network service provider, and I saw the restriction that VPN, LB, Firewall,
> PortForwarding, and Static NAT on the VirtualRouter all require that the
> VirtualRouter also be the Source NAT service provider. I am hoping to be
> able to change this to create a network service offering that could (for
> example) use the VirtualRouter for VPN, but Midonet for everything else.
>
> What was the initial reason for requiring Source NAT on the VirtualRouter
> for service like VPN or LB? Is it possible to remove these restrictions?
>
> Thanks,
> Joe
>
