Bug 1118549

Summary: [RFE][neutron]: FWaaS changes to support Distributed Virtual Router(DVR)
Product: Red Hat OpenStack Reporter: RHOS Integration <rhos-integ>
Component: openstack-neutronAssignee: lpeer <lpeer>
Status: CLOSED UPSTREAM QA Contact: Ofer Blaut <oblaut>
Severity: high Docs Contact:
Priority: medium    
Version: unspecifiedCC: chrisw, markmc, nyechiel, yeylon
Target Milestone: ---Keywords: FutureFeature, Triaged, ZStream
Target Release: 6.0 (Juno)   
Hardware: Unspecified   
OS: Unspecified   
URL: https://blueprints.launchpad.net/neutron/+spec/neutron-dvr-fwaas
Whiteboard: upstream_milestone_juno-rc1 upstream_definition_approved upstream_status_implemented
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-03-19 11:50:46 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description RHOS Integration 2014-07-11 04:04:21 UTC 
Cloned from launchpad blueprint https://blueprints.launchpad.net/neutron/+spec/neutron-dvr-fwaas.

Description:

The DVR model breaks basic FWaaS implementation as FWaaS relies on seeing both directions of traffic (stageful)  at the router programmed with Firewall rules. DVR by design distributes routing across compute nodes to achieve scalability and this has unfavorable consequences for FWaaS. The first step is to at least ensure that we have an L3 Perimeter Firewall working for the North-South traffic use case.

Specification URL (additional information):

None
Comment 5 Nir Yechiel 2015-03-19 11:50:46 UTC 
This RFE was automatically opened to track status of upstream development. At this point we see no reason to keep track of this in Red Hat bugzilla, thus closing it.