problem
CS 4.22.0
Host Ubuntu 22.4 KVM
vRouter on VPC ACLs
This VPC ACL feature is beyond good, it's awesome. However @weizhouapache with all the love I have for the team. That's not right, ACL should be applied to the edge - and we know that should not be to interpretation, and many think are just Cisco best practices - we should have a feature to select WAN-side, LAN-side or named Edge-side, Internal-Side which seems are more contemporary names.
Suggestion: if decided to make it RF-ish. To make easy the transition for existing systems, the updated feature will apply to LAN-side (internal-side) by default.
versions
CS 4.22.0
Host Ubuntu 22.4 KVM
running vRouter with 8CPUs and 8GRAM, oversubscription is 1:1 for all systems.
The steps to reproduce the bug
- Create a VPC
- Add the custom ACL with ingress only
- the ACL does not filter the traffic, as is applied to the vRouter LAN AKA Internal interface.
What to do about it?
No response
problem
CS 4.22.0
Host Ubuntu 22.4 KVM
vRouter on VPC ACLs
This VPC ACL feature is beyond good, it's awesome. However @weizhouapache with all the love I have for the team. That's not right, ACL should be applied to the edge - and we know that should not be to interpretation, and many think are just Cisco best practices - we should have a feature to select WAN-side, LAN-side or named Edge-side, Internal-Side which seems are more contemporary names.
Suggestion: if decided to make it RF-ish. To make easy the transition for existing systems, the updated feature will apply to LAN-side (internal-side) by default.
versions
CS 4.22.0
Host Ubuntu 22.4 KVM
running vRouter with 8CPUs and 8GRAM, oversubscription is 1:1 for all systems.
The steps to reproduce the bug
What to do about it?
No response