[openstack-dev] Chalenges with highly available service VMs

Aaron Rosen arosen at nicira.com
Thu Jul 18 17:48:26 UTC 2013


Is there something this is missing that could be added to cover your use
case? I'd be curious to hear where this doesn't work for your case.  One
would need to implement the port_security extension if they want to
completely allow all ips/macs to pass and they could state which ones are
explicitly allowed with the allowed-address-pair extension (at least that
is my current thought).

Thanks,

Aaron


On Thu, Jul 18, 2013 at 3:32 AM, Ian Wells <ijw.ubuntu at cack.org.uk> wrote:

> > I'd still like the simpler and more general purpose 'disable spoofing'
> > option as well.  That doesn't allow MAC spoofing and it doesn't work
> > for what I'm up to.
>
> Read the document properly, Ian.  I take back the MAC spoofing
> comment, but it still won't work for what I'm up to ;)
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130718/fd3f4f0c/attachment.html>


More information about the OpenStack-dev mailing list