You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cloudstack.apache.org by "Sheng Yang (JIRA)" <ji...@apache.org> on 2013/10/22 00:00:46 UTC

[jira] [Created] (CLOUDSTACK-4913) Disable security group for bridge mode non-security group zone

Sheng Yang created CLOUDSTACK-4913:
--------------------------------------

             Summary: Disable security group for bridge mode non-security group zone
                 Key: CLOUDSTACK-4913
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4913
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Network Controller
    Affects Versions: 4.2.0
            Reporter: Sheng Yang
            Assignee: Sheng Yang
            Priority: Critical
             Fix For: 4.2.1


Currently, if XenServer is switching to bridge mode, CloudStack would automatically enable security group(apply all kinds of security group rules e.g. iptables and ebtables on it). But at the time, it wouldn't check if the zone is security group enabled or not.

If user want to use bridge mode with isolated network(RvR especially), it would have trouble because security group rules would prevent broadcast from working.

We need to stop applying security group rules if it's not security group enabled zone.



--
This message was sent by Atlassian JIRA
(v6.1#6144)