Comment 6 for bug 1112912
Revision history for this message
| Akihiro Motoki (amotoki) wrote Re: get_firewall_required should use VIF parameter from quantum | #6 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
During reading nova/virt/libvirt code, I noticed that even if vif_require_
nova libvirt VIF driver can do. We need to configure firewall_driver in nova.conf.
What do you think nova is expected to do when vif_require_
IMO, to make this parameter work, we need to change the codes outside vif plugging.
In addition, libvirt nwfilter setup-ed by Nova defines two types of provider rules:
(a) rules to allow DHCP/RA packets and (b) rules to prevent IP/MAC spoofing.
What do you think about the relationship between vif_* parameters and the above nwfilter rules?