openstack team mailing list archive
Mailing list archive
Re: quantum l2 networks
There is no port_security_enabled config option. This is an attribute on a
port that is used if the plugin you are using implements the
port_security_extension (which is only nvp at the time).
I'm guessing your issue is the network you are trying to boot an instance
on does not have a subnet associated with it.
On Sat, Jun 8, 2013 at 12:37 AM, daniels cai <danxcai@xxxxxxxxx> wrote:
> hi Aaron
> i set the following in nova.conf
> it works, but when i try to attach a security group to an exist vm , api
> throw an error :
> "Network requires port_security_enabled and subnet associated in order to
> apply security groups."
> the i add port_security_enabled in quantum.conf in all nodes.
> with no luck, it still doesn't work .
> Any advice ? does quantum security group support this feature?
> Daniels Cai
> 2013/6/8 Aaron Rosen <arosen@xxxxxxxxxx>
>> Hi Joe,
>> I thought setting firewall_driver =
>> quantum.agent.firewall.NoopFirewallDriver would do the trick? Also, the ovs
>> plugin does not do any mac spoof filtering at the OVS level. Those are all
>> done in iptables.
>> On Fri, Jun 7, 2013 at 8:22 PM, Joe Breu <joseph.breu@xxxxxxxxxxxxx>wrote:
>>> Is there a way to create a quantum l2 network using OVS that does not
>>> have MAC and IP spoofing enabled either in iptables or OVS? One workaround
>>> that we found was to set the OVS plugin firewall_driver =
>>> quantum.agent.firewall.NoopFirewallDriver to security_group_api=nova
>>> however this is far from ideal and doesn't solve the problem of MAC spoof
>>> filtering at the OVS level.
>>> Thanks for any help
>>> Mailing list: https://launchpad.net/~openstack
>>> Post to : openstack@xxxxxxxxxxxxxxxxxxx
>>> Unsubscribe : https://launchpad.net/~openstack
>>> More help : https://help.launchpad.net/ListHelp
>> Mailing list: https://launchpad.net/~openstack
>> Post to : openstack@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~openstack
>> More help : https://help.launchpad.net/ListHelp