Re: [Openstack] Disable Mac and IP spoof protection
That was it!!! Worked perfectly! Thank you very much Akihiro and Yura! On Thu, Mar 9, 2017 at 3:25 AM, Akihiro Motoki wrote: > 2017-03-09 16:59 GMT+09:00 Yura Poltoratskiy : > > Hi. > > > > We have OpenVZ as an instance, so there are many ip addresses on the > > instance. The only thing that I've done was disabling PortSecurity. > > > > If I'm correct, there is no way to update port for disabling PortSec, one > > have to delete port and to create a new with > > "--port-security-enabled=False". > > You don't need to delete a port. > You can set port_security_enabled to False by: > > neutron port-update --port-security-enabled=False > > or > > openstack port set --disable-port-security > > > > > 09.03.2017 03:18, Sterdnot Shaken пишет: > >> > >> Is there a way to disable Mac and IP spoof protection for just 1 > instance? > >> > >> > >> I want to run an L2TP server on that instance so I can merge a remote > >> (over the internet) broadcast domain at a customer site with a Openstack > >> tenant network. To do this though, I need Openstack to allow n number of > >> MAC addresses and IP's to be allowed out the instances port, which > >> IP/MAC spoofing is preventing... > >> > >> > >> Any ideas? > >> > >> > >> Thanks in advance!! > >> > >> > >> > >> ___ > >> Mailing list: > >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > >> Post to : openstack@lists.openstack.org > >> Unsubscribe : > >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > >> > > > > ___ > > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/ > openstack > > Post to : openstack@lists.openstack.org > > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/ > openstack > > ___ > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/ > openstack > Post to : openstack@lists.openstack.org > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/ > openstack > ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Disable Mac and IP spoof protection
2017-03-09 16:59 GMT+09:00 Yura Poltoratskiy : > Hi. > > We have OpenVZ as an instance, so there are many ip addresses on the > instance. The only thing that I've done was disabling PortSecurity. > > If I'm correct, there is no way to update port for disabling PortSec, one > have to delete port and to create a new with > "--port-security-enabled=False". You don't need to delete a port. You can set port_security_enabled to False by: neutron port-update --port-security-enabled=False or openstack port set --disable-port-security > > 09.03.2017 03:18, Sterdnot Shaken пишет: >> >> Is there a way to disable Mac and IP spoof protection for just 1 instance? >> >> >> I want to run an L2TP server on that instance so I can merge a remote >> (over the internet) broadcast domain at a customer site with a Openstack >> tenant network. To do this though, I need Openstack to allow n number of >> MAC addresses and IP's to be allowed out the instances port, which >> IP/MAC spoofing is preventing... >> >> >> Any ideas? >> >> >> Thanks in advance!! >> >> >> >> ___ >> Mailing list: >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >> Post to : openstack@lists.openstack.org >> Unsubscribe : >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >> > > ___ > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack@lists.openstack.org > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] Disable Mac and IP spoof protection
Hi. We have OpenVZ as an instance, so there are many ip addresses on the instance. The only thing that I've done was disabling PortSecurity. If I'm correct, there is no way to update port for disabling PortSec, one have to delete port and to create a new with "--port-security-enabled=False". 09.03.2017 03:18, Sterdnot Shaken пишет: Is there a way to disable Mac and IP spoof protection for just 1 instance? I want to run an L2TP server on that instance so I can merge a remote (over the internet) broadcast domain at a customer site with a Openstack tenant network. To do this though, I need Openstack to allow n number of MAC addresses and IP's to be allowed out the instances port, which IP/MAC spoofing is preventing... Any ideas? Thanks in advance!! ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] Disable Mac and IP spoof protection
Is there a way to disable Mac and IP spoof protection for just 1 instance? I want to run an L2TP server on that instance so I can merge a remote (over the internet) broadcast domain at a customer site with a Openstack tenant network. To do this though, I need Openstack to allow n number of MAC addresses and IP's to be allowed out the instances port, which IP/MAC spoofing is preventing... Any ideas? Thanks in advance!! ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack