So the installer dhcp lease file was recently changed to start loading ALL kernel images over http, rather than tftp. The change is a good one, since http is far less error prone on high latency connections.
However, the two labs-hosts1-vlans: cloud-hosts1-b-codfw and cloud-hosts1-b-eqiad have extra ACLs in place for more restrictions. Can we please have the http port(s) allowed access to this vlan, similar to tftp, so we can load the kernel images for these hosts identically? (Presently we had to shift labvirt* hosts back to tftp load of kernel via the dhcpd lease file.)