Comment 7 for bug 1202266

Sorry, lost the email notification, but this is XenServer specific, its in the XenAPI driver code.

There is quite a bit of work to fix up this feature around:
* resize, migrate, live-migrate

Basically, the security groups is currently totally untested, in many respects. However, I don't think this has really been communicated at all well (if at all).

There are deeper issues here too, because the feature was written for linux bridge, but XenServer now uses OVS by default, so the iptables rules are not good enough. Will need some digging around neutron vs nova here too. I know BobBall at Citrix was talking a look at the above deeper issues, its probably worth brining him in here.