NuxRo commented on PR #7719: URL: https://github.com/apache/cloudstack/pull/7719#issuecomment-1625687387
Great feature. Did a bit of testing and largely my findings are similar to those of Wei, ie the VM gets connected in the appropriate L2 network, but no iptables or ebtables rules are set up for it, so far so good. A few notes: 1 - network traffic between machines on separate HVs worked because iptables defaults to ACCEPT for INPUT, FORWARD and OUTPUT. If an operator makes changes there it will result in issues. This is just FYI, I am not saying we should do any action in this kind of scenarios. 2 - Creating a VM _only_ on an L2 network is not possible currently, Cloudstack returns: ```Can specify only Shared Guest networks when deploy vm in Advance Security Group enabled zone``` It would be **GREAT** if the feature allowed L2-only! 3 - Network offering "Offering for L2 networks" did not produce a functional VM deployment for me, had to go for "Offering for L2 networks VLAN" and specify a VLAN. Not a major issue, but worth keeping in mind. 4 - Last but NOT least, unlike Shared networks, the scope of L2 networks is _account_, so there can't be an expectation for multiple accounts to be able to connect in the same network. Just making sure we're aware of this. :) Looking forward to having this feature in Cloudstack! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
