-
Feature
-
Resolution: Unresolved
-
Major
-
None
-
None
-
Product / Portfolio Work
-
None
-
False
-
-
False
-
None
-
None
-
None
-
None
-
None
-
-
None
-
None
-
None
-
None
Feature Overview (aka. Goal Summary)
Support for configurable port isolation on network interfaces bridged to a physical network.
Goals (aka. expected user outcomes)
Support the ability to block communications between VMs in the same VLAN, so that a VM should only be able to communicate with the gateway and other non-isolated VMs in that VLAN.
This will require the ports on the physical switch to have port isolation enabled and hairpinning disabled.
For reference, see oVirt RFE 1725166.
Requirements (aka. Acceptance Criteria):
Anyone reviewing this Feature needs to know which deployment configurations that the Feature will apply to (or not) once it's been completed. Describe specific needs (or indicate N/A) for each of the following deployment scenarios. For specific configurations that are out-of-scope for a given release, ensure you provide the OCPSTRAT (for the future to be supported configuration) as well.
Deployment considerations | List applicable specific needs (N/A = not applicable) |
Self-managed, managed, or both | |
Classic (standalone cluster) | |
Hosted control planes | |
Multi node, Compact (three node), or Single node (SNO), or all | |
Connected / Restricted Network | |
Architectures, e.g. x86_x64, ARM (aarch64), IBM Power (ppc64le), and IBM Z (s390x) | |
Operator compatibility | |
Backport needed (list applicable versions) | |
UI need (e.g. OpenShift Console, dynamic plugin, OCM) | |
Other (please specify) |
Use Cases (Optional):
- Routing outside the cluster (no smart switch or anything else needed)
Questions to Answer (Optional):
Out of Scope
- Smart switch
Background
Customer Considerations
Documentation Considerations
Interoperability Considerations
- is related to
-
RFE-4899 Support for port isolation / Private VLAN
-
- Approved
-