[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-4722?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Travis Graham reassigned CLOUDSTACK-4722:
-----------------------------------------

    Assignee: Travis Graham

> Call more attention to egress traffic being denied by default in isolated 
> networks
> ----------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-4722
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4722
>             Project: CloudStack
>          Issue Type: Improvement
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Doc
>    Affects Versions: 4.1.1
>            Reporter: Kirk Kosinski
>            Assignee: Travis Graham
>            Priority: Minor
>              Labels: adminguide
>
> Egress traffic is denied by default in isolated networks using the CloudStack 
> virtual router created in CloudStack 4.1.0 and later (see CLOUDSTACK-299).  
> This information is explained in the Creating Egress Firewall Rules in an 
> Advanced Zone section of the admin guide:
> By default, the egress traffic is blocked, so no outgoing traffic is allowed 
> from a guest network to the Internet. However, you can control the egress 
> traffic in an Advanced zone by creating egress firewall rules. 
> This is very critical information, but unfortunately is easy to miss.  It 
> should be highlighted somehow, such as in a Note.  
> Additionally, it would be useful to explain that during an upgrade from 
> previous versions, egress rules allowing all traffic are created for existing 
> networks to match the previous behavior of allowing all egress traffic.  This 
> is confusing since after an upgrade, all of the existing networks are working 
> the same as before, but newly created networks will not.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Reply via email to