From: Laine Stump <laine@redhat.com>
Date: Mon, 17 Feb 2020 03:54:45 +0000 (-0500)
Subject: docs: add info about <portOptions isolated='yes'/> to news file
X-Git-Tag: v6.1.0-rc1~100
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c312c8998c9da003fb3d30bd14827297b7402ae3;p=thirdparty%2Flibvirt.git

docs: add info about <portOptions isolated='yes'/> to news file

Signed-off-by: Laine Stump <laine@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---

diff --git a/docs/news.xml b/docs/news.xml
index 5aa9d081a7..f6c4d6a78d 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -82,6 +82,27 @@
           "type" and "persistent" attributes.
         </description>
       </change>
+      <change>
+        <summary>
+          support BR_ISOLATED flag for guest interfaces attached to a Linux host bridge
+        </summary>
+        <description>
+          Since Linux kernel 4.18, the Linux host bridge has had a
+          flag BR_ISOLATED that can be applied to individual
+          ports. When this flag is set for a port, traffic is blocked
+          between that port and any other port that also has the
+          BR_ISOLATED flag set. libvirt domain interface config now
+          supports setting this flag via the &lt;port
+          isolated='yes'/&gt; setting. It can also be set for all
+          connections to a particular libvirt network by setting the
+          same option in the network config - since the port for the
+          host itself does not have BR_ISOLATED set, the guests can
+          communicate with the host and the outside world, but guests
+          on that network can't communicate with each other. This
+          feature works for QEMU and LXC guests with interfaces
+          attached to a Linux host bridge.
+        </description>
+      </change>
       <change>
         <summary>
           qemu: Introduce the 'armvtimer' timer type