Ilya: Thanks for quick clarification.I¹ll check out defining my own network offerings.
Yiping On 6/9/14, 1:21 PM, "ilya musayev" <ilya.mailing.li...@gmail.com> wrote: >Yiping, > >Yes you can have non-iptables setup. Most of the enterprise >installations don't rely on cloudstack's iptables, routing or vpc >features and prefer to use existing physical firewalls and vlan isolation. > >If you have VLANs, but dont want to use iptables that comes thru virtual >router, look into CloudStack Advanced Zone Setup with Shared Network >Functionality. > >In this case, you only leverage dhcp, userdata and dns(optional). You >can create your own network offerings and bind the network to "non-vpc >shared network" offering. DHCP at this point in time is a required. >Userdata and DNS can be optional. You can choose to use your own >in-house DNS dont route DNS queries through CloudStack virtual router >(you would need to create custom network offering, which is few clicks >in UI). > >You can also bypass userdata and serve your own userdata through >external userdata services, you would need to write something on your >end to support it. > >Regards >ilya >On 6/9/14, 12:02 PM, Yiping Zhang wrote: >> Hi,all: >> >> I am trying different network setups in my CloudStack eval effort, and >>I am wondering if CS can be configured to not use iptables at all , >>giving that my intended goal is for a private cloud dedicated to my own >>company, in our own datacenter and all our networks are behind our own >>hardware based firewalls already? >> >> If I can stop iptables on all system VM¹s, hypervisors and management >>servers, then it would be much easier to trouble shoot my setups and >>accelerate the eval process. >> >> Thanks, >> >> Yiping >> >
