[libvirt PATCH 10/10] docs: add info about <portOptions isolated='yes'/> to news file

Laine Stump laine at redhat.com
Mon Feb 17 04:22:59 UTC 2020


Signed-off-by: Laine Stump <laine at redhat.com>
---
 docs/news.xml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/docs/news.xml b/docs/news.xml
index 5aa9d081a7..97a455d721 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -82,6 +82,27 @@
           "type" and "persistent" attributes.
         </description>
       </change>
+      <change>
+        <summary>
+          support BR_ISOLATED flag for guest interfaces attached to a Linux host bridge
+        </summary>
+        <description>
+          Since Linux kernel 4.18, the Linux host bridge has had a
+          flag BR_ISOLATED that can be applied to individual
+          ports. When this flag is set for a port, traffic is blocked
+          between that port and any other port that also has the
+          BR_ISOLATED flag set. libvirt domain interface config now
+          supports setting this flag via the <portOptions
+          isolated='yes'/> setting. It can also be set for all
+          connections to a particular libvirt network by setting the
+          same option in the network config - since the port for the
+          host itself does not have BR_ISOLATED set, the guests can
+          communicate with the host and the outside world, but guests
+          on that network can't communicate with each other. This
+          feature works for QEMU and LXC guests with interfaces
+          attached to a Linux host bridge.
+        </description>
+      </change>
       <change>
         <summary>
           qemu: Introduce the 'armvtimer' timer type
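
Review bot: In the new <description> text, `<portOptions isolated='yes'/>` is written as literal markup and is split across two lines, so an XML parser will read it as an empty child element of <description> rather than as text to display. Unless the news.xml schema and stylesheet handle such an element, the option name will either fail validation or be missing from the rendered news. Suggest escaping it as `&lt;portOptions isolated='yes'/&gt;` and keeping it on one line. As a style point, the <summary> line is noticeably longer than the wrapped description lines, and the sentence starting "It can also be set for all" would be clearer split into two at " - since", because the second half carries the behaviour readers need to rely on: traffic is blocked only between ports that both have BR_ISOLATED set, so guest-to-host traffic is still allowed.
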
-- 
2.24.1



