[Openstack] Disable Mac and IP spoof protection

Akihiro Motoki amotoki at gmail.com
Thu Mar 9 10:25:39 UTC 2017


2017-03-09 16:59 GMT+09:00 Yura Poltoratskiy <yurapoltora at gmail.com>:
> Hi.
>
> We have OpenVZ as an instance, so there are many ip addresses on the
> instance. The only thing that I've done was disabling PortSecurity.
>
> If I'm correct, there is no way to update port for disabling PortSec, one
> have to delete port and to create a new with
> "--port-security-enabled=False".

You don't need to delete a port.
You can set port_security_enabled to False by:

neutron port-update <port> --port-security-enabled=False

or

openstack port set --disable-port-security <port>

>
> 09.03.2017 03:18, Sterdnot Shaken пишет:
>>
>> Is there a way to disable Mac and IP spoof protection for just 1 instance?
>>
>>
>> I want to run an L2TP server on that instance so I can merge a remote
>> (over the internet) broadcast domain at a customer site with a Openstack
>> tenant network. To do this though, I need Openstack to allow n number of
>> MAC addresses and IP's to be allowed out the instances port, which
>> IP/MAC spoofing is preventing...
>>
>>
>> Any ideas?
>>
>>
>> Thanks in advance!!
>>
>>
>>
>> _______________________________________________
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to     : openstack at lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>
> _______________________________________________
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack




More information about the Openstack mailing list