[openstack-dev] [neutron] Prevent ARP spoofing

Татьяна Холкина holkina at selectel.ru
Tue Mar 13 10:54:22 UTC 2018

I'm using an ocata release of OpenStack where the option
prevent_arp_spoofing can be managed via conf. But later in pike it was
removed and it was decided to prevent spoofing by default.
There are cases where security features should be disabled. As I can see
now we can use a port_security option for these cases. But this option
should be set for a particular port or network on create. The default value
is set to True [1] and itt is impossible to change it. I'd like to suggest
to get default value for port_security [2] from config option.
It would be nice to know your opinion.


Best regards,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20180313/ecfe9d0a/attachment.html>

More information about the OpenStack-dev mailing list