From nobody Thu Apr 25 13:13:50 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1553510093431117.39374054231712;
 Mon, 25 Mar 2019 03:34:53 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
 [10.5.11.15])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 80DEF308A968;
	Mon, 25 Mar 2019 10:34:50 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id E327B5D719;
	Mon, 25 Mar 2019 10:34:49 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id D56BC3D387;
	Mon, 25 Mar 2019 10:34:48 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
	[10.5.11.15])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id x2PAYl2N013655 for <libvir-list@listman.util.phx.redhat.com>;
	Mon, 25 Mar 2019 06:34:47 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 4CB9B5D71E; Mon, 25 Mar 2019 10:34:47 +0000 (UTC)
Received: from moe.brq.redhat.com (unknown [10.43.2.30])
	by smtp.corp.redhat.com (Postfix) with ESMTP id C8EFF5D719
	for <libvir-list@redhat.com>; Mon, 25 Mar 2019 10:34:44 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Mon, 25 Mar 2019 11:34:42 +0100
Message-Id: 
 <82be5fa203ddc31b9ce683cee6e76630b575e759.1553509899.git.mprivozn@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH v2] news: Document kernel requirements for virtual
	networks
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.41]);
 Mon, 25 Mar 2019 10:34:51 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"

After 7431b3eb9a05068e4b libvirt requires "filter", "nat" and
"mangle" tables to exist for both IPv4 and IPv6. This fact was
missed in the news.xml and since we don't have any better place
to advertise that let's update old news.

This was refined in 686803a1a2e and since that is not released
yet create a new entry documenting the refinement.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrang=C3=A9 <berrange@redhat.com>
---

Even though the v1 was ACKed, I'm sending v2 because things have changed
since then. The difference to v1 then is that I've introduced a new news
entry for the current release mentioning the refinement. IMO this
reflects the reality the best: 5.1.0, which is released and doesn't
contain the fix does require all 6 tables (even though Dan created
v5.1.0-maint branch where he backported the fix).

 docs/news.xml | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/docs/news.xml b/docs/news.xml
index 5c3028e10b..83e965e0f3 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -124,6 +124,18 @@
           Report class information for PCI node device capability.
         </summary>
       </change>
+      <change>
+        <summary>
+          Split setup of IPv4 and IPv6 top level chain
+        </summary>
+        <description>
+          The requirement resulting from private chains improvement done
+          in <code>v5.1.0</code> was refined so that only tables from
+          corresponding IP version are required. This means that if a
+          network doesn't have <code>IPv6</code> enabled then those
+          tables are not required.
+        </description>
+      </change>
     </section>
     <section title=3D"Bug fixes">
     </section>
@@ -202,7 +214,9 @@
           Historically firewall rules for virtual networks were added
           straight into the base chains. This works but has a number of
           bugs and design limitations. To address them, libvirt now puts
-          firewall rules into its own chains.
+          firewall rules into its own chains. Note that with this change t=
he
+          <code>filter</code>, <code>nat</code> and <code>mangle</code> ta=
bles
+          are required for both <code>IPv4</code> and <code>IPv6</code>.
         </description>
       </change>
       <change>
--=20
2.19.2

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list