hi Aaron i set the following in nova.conf security_group_api=quantum firewall_driver=nova.virt.firewall.NoopFirewallDriver
it works, but when i try to attach a security group to an exist vm , api throw an error : "Network requires port_security_enabled and subnet associated in order to apply security groups." the i add port_security_enabled in quantum.conf in all nodes. "port_security_enabled=True" with no luck, it still doesn't work . Any advice ? does quantum security group support this feature? Daniels Cai http://dnscai.com 2013/6/8 Aaron Rosen <aro...@nicira.com> > Hi Joe, > > I thought setting firewall_driver = > quantum.agent.firewall.NoopFirewallDriver would do the trick? Also, the ovs > plugin does not do any mac spoof filtering at the OVS level. Those are all > done in iptables. > > Aaron > > On Fri, Jun 7, 2013 at 8:22 PM, Joe Breu <joseph.b...@rackspace.com>wrote: > >> Hello, >> >> Is there a way to create a quantum l2 network using OVS that does not >> have MAC and IP spoofing enabled either in iptables or OVS? One workaround >> that we found was to set the OVS plugin firewall_driver = >> quantum.agent.firewall.NoopFirewallDriver to security_group_api=nova >> however this is far from ideal and doesn't solve the problem of MAC spoof >> filtering at the OVS level. >> >> Thanks for any help >> >> >> _______________________________________________ >> Mailing list: https://launchpad.net/~openstack >> Post to : openstack@lists.launchpad.net >> Unsubscribe : https://launchpad.net/~openstack >> More help : https://help.launchpad.net/ListHelp >> > > > _______________________________________________ > Mailing list: https://launchpad.net/~openstack > Post to : openstack@lists.launchpad.net > Unsubscribe : https://launchpad.net/~openstack > More help : https://help.launchpad.net/ListHelp > >
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
