← Back to team overview

openstack team mailing list archive

Re: quantum l2 networks

 

Settting this in nova.conf should disable that but then your security
groups won't work.
firewall_driver = nova.virt.firewall.NoopFirewallDriver



On Sat, Jun 8, 2013 at 12:01 PM, Joe Breu <joseph.breu@xxxxxxxxxxxxx> wrote:

>  Hi Aaron,
>
>  Thanks for the response.  It looks like it is the nwfilters in
> nova-compute that are making this a pain for me.
>
>
>
>  On Jun 7, 2013, at 11:11 PM, Aaron Rosen wrote:
>
>  Hi Joe,
>
>  I thought setting firewall_driver =
> quantum.agent.firewall.NoopFirewallDriver would do the trick? Also, the ovs
> plugin does not do any mac spoof filtering at the OVS level. Those are all
> done in iptables.
>
> Aaron
>
> On Fri, Jun 7, 2013 at 8:22 PM, Joe Breu <joseph.breu@xxxxxxxxxxxxx>wrote:
>
>> Hello,
>>
>> Is there a way to create a quantum l2 network using OVS that does not
>> have MAC and IP spoofing enabled either in iptables or OVS?  One workaround
>> that we found was to set the OVS plugin firewall_driver =
>> quantum.agent.firewall.NoopFirewallDriver to security_group_api=nova
>> however this is far from ideal and doesn't solve the problem of MAC spoof
>> filtering at the OVS level.
>>
>> Thanks for any help
>>
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~openstack
>> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
>> Unsubscribe : https://launchpad.net/~openstack
>> More help   : https://help.launchpad.net/ListHelp
>>
>
>
>

References