| Thread Previous • Date Previous • Date Next • Thread Next |
Public bug reported:
While applying firewall rules for ports, existing implementation
iterates through each port and applies ipset for its security groups.
With this, when ports share the security group, ipset for same security
group is called again and again while iterating through ports.
Instead, if we prepare list of security groups for all ports and apply
ipset on them before applying firewall, we can avoid duplicate ipset
processing for security groups.
** Affects: neutron
Importance: Undecided
Assignee: venkata anil (anil-venkata)
Status: In Progress
** Tags: loadimpact sg-fw
** Changed in: neutron
Assignee: (unassigned) => venkata anil (anil-venkata)
** Tags added: loadimpact sg-fw
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1598734
Title:
Avoid duplicate ipset processing for security groups
Status in neutron:
In Progress
Bug description:
While applying firewall rules for ports, existing implementation
iterates through each port and applies ipset for its security groups.
With this, when ports share the security group, ipset for same security
group is called again and again while iterating through ports.
Instead, if we prepare list of security groups for all ports and apply
ipset on them before applying firewall, we can avoid duplicate ipset
processing for security groups.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1598734/+subscriptions
| Thread Previous • Date Previous • Date Next • Thread Next |
