[ovs-git] Open vSwitch: INSTALL.XenServer: Add a note for tunnel firewall rules. (master)

dev at openvswitch.org dev at openvswitch.org
Tue Apr 16 22:56:31 UTC 2013


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Open vSwitch".

The branch, master has been updated
       via  781d44723705929ba8aea3c39611fe807c453682 (commit)
       via  f9ee9dcb378f460741989f60fadfb3ed53a320c6 (commit)
       via  c2301fbfc8192297b9a68e0ac1168c729469a6d3 (commit)
      from  113269228827043aaca717b5fb11b055e09a4636 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 781d44723705929ba8aea3c39611fe807c453682
Diffs: http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=781d44723705929ba8aea3c39611fe807c453682
Author: Gurucharan Shetty <gshetty at nicira.com>
		
INSTALL.XenServer: Add a note for tunnel firewall rules.
		
Signed-off-by: Gurucharan Shetty <gshetty at nicira.com>


commit f9ee9dcb378f460741989f60fadfb3ed53a320c6
Diffs: http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=f9ee9dcb378f460741989f60fadfb3ed53a320c6
Author: Gurucharan Shetty <gshetty at nicira.com>
		
rhel: Remove the firewall hole that we create for GRE.
		
Till now, by default, we add firewall holes for
gre traffic. There may be users that do not use GRE tunnels
and they may be surprised with this behavior. So, don't add
the firewall rules by default and update the documentation
to mention the same.

This patch does not remove the default GRE firewall rule for
xenserver because xenserver has a feature called "Cross-Host
Internal Networks" (CHIN) that uses GRE.

Signed-off-by: Gurucharan Shetty <gshetty at nicira.com>


commit c2301fbfc8192297b9a68e0ac1168c729469a6d3
Diffs: http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=c2301fbfc8192297b9a68e0ac1168c729469a6d3
Author: Gurucharan Shetty <gshetty at nicira.com>
		
Revert "rhel, xenserver: Punch holes through firewall for VXLAN."
		
This reverts commit 5902b4ed6.

For end users that do not plan to use tunnels or use only selected
tunnels, it probably is a bad idea to punch firewall holes by default.
Opening holes like this may surprise the user.

Signed-off-by: Gurucharan Shetty <gshetty at nicira.com>


-----------------------------------------------------------------------

Summary of changes:
 INSTALL.RHEL                     |    6 ++++++
 INSTALL.XenServer                |   13 ++++++++++++-
 NEWS                             |    5 ++++-
 rhel/etc_init.d_openvswitch      |    3 ---
 xenserver/etc_init.d_openvswitch |    1 -
 5 files changed, 22 insertions(+), 6 deletions(-)


hooks/post-receive
-- 
Open vSwitch



More information about the git mailing list