Hi, Srider. Thanks for your reply. I still have a question about SG and FWaaS. VM's east-west traffic belongs to FWaaS or SG? What about VM's north-south traffic?
I think that VM's east-west traffic belongs to SG and the north-south traffic belongs to FWaaS, isn't it? :) Thanks Zhi Chang 2016-12-20 1:45 GMT+08:00 Sridar Kandaswamy (skandasw) <[email protected]>: > Hi Zhi: > > FWaaS has been seen more as an edge (on L3 ports) use case as opposed to > SG which is on a VM port. Also, as u can see there are differences in the > attributes on the Rule specification at the most basic level. At this > point, we are working thru the implementation of FWaaS on L2 ports so that > makes ur question more relevant. At least one school of thought that we > have been working with is that the FWaaS API can be more open and continue > to evolve to support for instance L4-L7 use cases amongst others, but the > SG API will continue to stay a simpler model (some have also pointed the > need for SG to be aligned with AWS). > > This is still in evolution and we would welcome participation, if u can - > pls do drop in to our weekly team meeting [1] and we can discuss further. > > Thanks > > Sridar > [1] http://eavesdrop.openstack.org/#Firewall_as_a_ > Service_(FWaaS)_Team_Meeting > > > From: zhi <[email protected]> > Reply-To: OpenStack List <[email protected]> > Date: Sunday, December 18, 2016 at 7:36 PM > To: OpenStack List <[email protected]> > Subject: Re: [openstack-dev] [neutron] Where will Neutron go in future? > > Hi, Nate, thanks for your reply. > > May I ask a little stupid question? What's the difference between fwaas > and security group? In my opinion, fwaas and security group are both using > linux iptables now. So, what's the differences between them? > > Thanks > Zhi Chang > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: [email protected]?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > >
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
