IETF Logo Mail Archive

Re: [sami] A new draft on state migration use cases is submitted.

"Yingjie Gu(yingjie)" <guyingjie@huawei.com> Mon, 10 October 2011 01:24 UTC

Return-Path: <guyingjie@huawei.com>
X-Original-To: sami@ietfa.amsl.com
Delivered-To: sami@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ED91421F8B46 for <sami@ietfa.amsl.com>; Sun, 9 Oct 2011 18:24:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.149
X-Spam-Level:
X-Spam-Status: No, score=-105.149 tagged_above=-999 required=5 tests=[AWL=1.150, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mnGtpVvMoabZ for <sami@ietfa.amsl.com>; Sun, 9 Oct 2011 18:24:29 -0700 (PDT)
Received: from szxga01-in.huawei.com (szxga01-in.huawei.com [119.145.14.64]) by ietfa.amsl.com (Postfix) with ESMTP id 1679721F8B39 for <sami@ietf.org>; Sun, 9 Oct 2011 18:24:29 -0700 (PDT)
Received: from huawei.com (szxga05-in [172.24.2.49]) by szxga05-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0LST00ACXT7SVQ@szxga05-in.huawei.com> for sami@ietf.org; Mon, 10 Oct 2011 09:23:53 +0800 (CST)
Received: from szxrg02-dlp.huawei.com ([172.24.2.119]) by szxga05-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 2.14 (built Aug 8 2006)) with ESMTP id <0LST00C1XT7RJQ@szxga05-in.huawei.com> for sami@ietf.org; Mon, 10 Oct 2011 09:23:52 +0800 (CST)
Received: from szxeml203-edg.china.huawei.com ([172.24.2.119]) by szxrg02-dlp.huawei.com (MOS 4.1.9-GA) with ESMTP id AED25497; Mon, 10 Oct 2011 09:23:51 +0800
Received: from SZXEML408-HUB.china.huawei.com (10.82.67.95) by szxeml203-edg.china.huawei.com (172.24.2.55) with Microsoft SMTP Server (TLS) id 14.1.270.1; Mon, 10 Oct 2011 09:23:50 +0800
Received: from g00107907 (10.138.41.134) by szxeml408-hub.china.huawei.com (10.82.67.95) with Microsoft SMTP Server (TLS) id 14.1.270.1; Mon, 10 Oct 2011 09:23:28 +0800
Date: Mon, 10 Oct 2011 09:25:30 +0800
From: "Yingjie Gu(yingjie)" <guyingjie@huawei.com>
In-reply-to: <20111009160138.GB99820@elstar.local>
X-Originating-IP: [10.138.41.134]
To: 'Juergen Schoenwaelder' <j.schoenwaelder@jacobs-university.de>, "'刘茗(研六 福州)'" <lium@ruijie.com.cn>
Message-id: <000601cc86eb$829967f0$87cc37d0$@com>
MIME-version: 1.0
X-Mailer: Microsoft Office Outlook 12.0
Content-type: text/plain; charset="utf-8"
Content-language: zh-cn
Content-transfer-encoding: quoted-printable
Thread-index: AcyGnSN4kEx9sHE4TZK7uRwrTcdb8AATcvhA
X-CFilter-Loop: Reflected
References: <CAB+71L3btz_h8Lkm9jW-WHUeS4=K-Jq-r9mmX94=NdHiepkJ-Q@mail.gmail.com> <2CE4AB2F9CD06543A3F2B0FE76661E12125C8295@fzex.ruijie.com.cn> <20111009160138.GB99820@elstar.local>
Cc: 'A tao' <yangjingtao@gmail.com>, sami@ietf.org
Subject: Re: [sami] A new draft on state migration use cases is submitted.
X-BeenThere: sami@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: State Migration <sami.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sami>, <mailto:sami-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sami>
List-Post: <mailto:sami@ietf.org>
List-Help: <mailto:sami-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sami>, <mailto:sami-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Oct 2011 01:24:30 -0000

Ming, you'd better introduce yourself :)

My understanding of these words is that, instead of deploying ACLs on Hypervisor and try to migrate ACLs between Hypervisors, the customer would like the ACLs be deployed on switches and migrate ACLs between switches. 

Is this what you mean, Ming?


Best Regards
Gu Yingjie

-----邮件原件-----
发件人: sami-bounces@ietf.org [mailto:sami-bounces@ietf.org] 代表 Juergen Schoenwaelder
发送时间: 2011年10月10日 乐乐0:02
收件人: 刘茗(研六 福州)
抄送: A tao; sami@ietf.org
主题: Re: [sami] A new draft on state migration use cases is submitted.

On Sun, Oct 09, 2011 at 01:41:24PM +0000, 刘茗(研六 福州) wrote:
> One of our customers, the leader of online shopping provider in china, have the same requirement.  They run VMs on the power x86 machine with KVM hypervisor. For some security reasons, they applied the ACLs through the Linux’s IPtable running on the Hypervisor. But when the VM floating , the IPtable profile can not be migrated to the other machine. So they hope the switch can replace the IPTable  and can migrates the ACL profiles for the VM when floating .

The switches really have nothing to do with ACLs sitting in the
hypervisor. Making the switches responsible for migrating the ACLs
seems broken to me.

/js

-- 
Juergen Schoenwaelder           Jacobs University Bremen gGmbH
Phone: +49 421 200 3587         Campus Ring 1, 28759 Bremen, Germany
Fax:   +49 421 200 3103         <http://www.jacobs-university.de/>
_______________________________________________
sami mailing list
sami@ietf.org
https://www.ietf.org/mailman/listinfo/sami

v2.23.0 | Report a Bug | By Email