On Wed, Sep 09, 2015 at 06:23:13PM -0700, Justin Pettit wrote: > > On Jul 2, 2015, at 5:39 PM, Ben Pfaff <b...@nicira.com> wrote: > Sorry. I hadn't realized this was waiting for feedback.
Honestly I figured the next step was to produce a patch rather than a document. > > This column is provided as a convenience to cloud > > management systems, but all of the features that it > > implements can be implemented as ACLs using the ACL > > table. > > This is true, but if "from-host" ACL processing happens after L3, then > it won't have the benefit of the spoof protection afforded by the ARP > restrictions. My guess is that ACL processing will happen before L3, > but we should keep it in mind. Good point, I'll be sure to revise that text before implementing this. _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
