[
https://issues.apache.org/jira/browse/CLOUDSTACK-4913?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13832098#comment-13832098
]
ASF subversion and git services commented on CLOUDSTACK-4913:
-------------------------------------------------------------
Commit d13c343cbc2eeca4140ea3f0304d4afaf23530e0 in branch refs/heads/4.3 from
[~anthonyxu]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=d13c343 ]
CLOUDSTACK-4913: Don't enable ebtables/iptables for non-security group zone
> Disable security group for bridge mode non-security group zone
> --------------------------------------------------------------
>
> Key: CLOUDSTACK-4913
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4913
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Network Controller
> Affects Versions: 4.2.0
> Reporter: Sheng Yang
> Assignee: Sheng Yang
> Priority: Critical
> Fix For: 4.2.1, 4.3.0
>
>
> Currently, if XenServer is switching to bridge mode, CloudStack would
> automatically enable security group(apply all kinds of security group rules
> e.g. iptables and ebtables on it). But at the time, it wouldn't check if the
> zone is security group enabled or not.
> If user want to use bridge mode with isolated network(RvR especially), it
> would have trouble because security group rules would prevent broadcast from
> working.
> We need to stop applying security group rules if it's not security group
> enabled zone.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
