[jira] [Commented] (CLOUDSTACK-10003) automatic configure juniper srx/vsrx nat loopback

Fri, 15 Dec 2017 20:22:18 -0800 

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10003?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16293643#comment-16293643
 ] 

ASF subversion and git services commented on CLOUDSTACK-10003:
--------------------------------------------------------------

Commit 973a9c1dce72cc05a404eab45ca1ee02bdcb50d4 in cloudstack's branch 
refs/heads/master from [~ming416]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=973a9c1 ]

CLOUDSTACK-10003 automatic configure juniper srx/vsrx nat loopback, (#2184)

Automatic configure juniper srx/vsrx nat loopback,

Constraint condition that manual configure source nat in juniper srx,allowed vm 
vist public network :
zone : trust to {trust,untrust}
rule : source address {0.0.0.0/0},destination address{0.0.0.0/0} ,do source nat 
with pool {public network getway ip}.

code change for trust to trust destination or static nat:

1. add srxCommand :CHECK_PRIVATE_IF_EXISTS. for add/delete rule to detect 
whether exist or not contain DestinationNatRule or StaticNatRule 
(ruleName_private) in trust zone .
2. add DestinationNatRule  (ruleName_private) to trust zone when ADD 
DestinationNatRule to untrust .
3. delete DestinationNatRule  (ruleName_private) from trust zone when DELETE 
DestinationNatRule from untrust.
4. add StaticNatRule (ruleName_private) to trust zone when ADD  StaticNatRule 
to untrust .
5. delete  StaticNatRule (ruleName_private) from trust zone when DELETE  
StaticNatRule from untrust.

Check private if exist.

> automatic configure juniper srx/vsrx nat loopback
> -------------------------------------------------
>
>                 Key: CLOUDSTACK-10003
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10003
>             Project: CloudStack
>          Issue Type: Improvement
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Automation
>    Affects Versions: 4.8.0, 4.9.0, 4.10.0.0, 4.8.1.1, 4.9.0.1
>         Environment: network-pluge juniper srx
>            Reporter: ming
>             Fix For: 4.8.0, 4.9.0, 4.10.0.0, 4.8.1.1, 4.9.0.1
>
>
> automatic configure juniper srx/vsrx nat loopback,
> constraint condition that manual configure source nat in juniper srx,allowed 
> vm vist public network :
> zone : trust to {trust,untrust}
> rule : source address {0.0.0.0/0},destination address{0.0.0.0/0} ,do source 
> nat with pool {public network getway ip}.
> code change for trust to trust destination or static nat:
> add srxCommand :CHECK_PRIVATE_IF_EXISTS. for add/delete rule to detect 
> whether exist or not contain DestinationNatRule or StaticNatRule 
> (ruleName_private) in trust zone .
> add DestinationNatRule (ruleName_private) to trust zone when ADD 
> DestinationNatRule to untrust .
> delete DestinationNatRule (ruleName_private) from trust zone when DELETE 
> DestinationNatRule from untrust.
> add StaticNatRule (ruleName_private) to trust zone when ADD StaticNatRule to 
> untrust .
> delete StaticNatRule (ruleName_private) from trust zone when DELETE 
> StaticNatRule from untrust.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to