Re: [openstack-dev] [neutron] Prevent ARP spoofing

2018-03-22 Thread Vadim Ponomarev
t;>>> spoofing protection. How do I can disable the protection? >>>>> >>>>> 2018-03-14 10:26 GMT+03:00 Tatiana Kholkina : >>>>> >>>>>> Sure, there is an ability to enable ARP spoofing for the >>>>>> port

Re: [openstack-dev] [neutron] Prevent ARP spoofing

2018-03-22 Thread Kevin Benton
+03:00 Tatiana Kholkina : >>>> >>>>> Sure, there is an ability to enable ARP spoofing for the port/network, >>>>> but it is impossible to make it enabled by default for all ports. >>>>> It looks a bit complicated to me and I think it would be better to >

Re: [openstack-dev] [neutron] Prevent ARP spoofing

2018-03-19 Thread Vadim Ponomarev
;> Tatiana >>>> >>>> 2018-03-13 15:10 GMT+03:00 Claudiu Belu : >>>> >>>>> Hi, >>>>> >>>>> Indeed ARP spoofing is prevented by default, but AFAIK, if you want it >>>>> enabled for a port / network, you ca

Re: [openstack-dev] [neutron] Prevent ARP spoofing

2018-03-19 Thread Kevin Benton
iana >>> >>> 2018-03-13 15:10 GMT+03:00 Claudiu Belu : >>> >>>> Hi, >>>> >>>> Indeed ARP spoofing is prevented by default, but AFAIK, if you want it >>>> enabled for a port / network, you can simply disable the security groups

Re: [openstack-dev] [neutron] Prevent ARP spoofing

2018-03-19 Thread Vadim Ponomarev
hat neutron network / port. >>> >>> Best regards, >>> >>> Claudiu Belu >>> >>> -- >>> *From:* Татьяна Холкина [holk...@selectel.ru] >>> *Sent:* Tuesday, March 13, 2018 12:54 PM >>> *To:* o

Re: [openstack-dev] [neutron] Prevent ARP spoofing

2018-03-19 Thread Kevin Benton
on >> that neutron network / port. >> >> Best regards, >> >> Claudiu Belu >> >> -- >> *From:* Татьяна Холкина [holk...@selectel.ru] >> *Sent:* Tuesday, March 13, 2018 12:54 PM >> *To:* openstack-dev@lists.openstack.org >> *Subject:* [openst

Re: [openstack-dev] [neutron] Prevent ARP spoofing

2018-03-19 Thread Vadim Ponomarev
t; that neutron network / port. >> >> Best regards, >> >> Claudiu Belu >> >> -- >> *From:* Татьяна Холкина [holk...@selectel.ru] >> *Sent:* Tuesday, March 13, 2018 12:54 PM >> *To:* openstack-dev@lists.openstack.org

Re: [openstack-dev] [neutron] Prevent ARP spoofing

2018-03-14 Thread Tatiana Kholkina
rds, > > Claudiu Belu > > -- > *From:* Татьяна Холкина [holk...@selectel.ru] > *Sent:* Tuesday, March 13, 2018 12:54 PM > *To:* openstack-dev@lists.openstack.org > *Subject:* [openstack-dev] [neutron] Prevent ARP spoofing > > Hi, > I'm using an ocata release of OpenStack

Re: [openstack-dev] [neutron] Prevent ARP spoofing

2018-03-13 Thread Claudiu Belu
: Tuesday, March 13, 2018 12:54 PM To: openstack-dev@lists.openstack.org Subject: [openstack-dev] [neutron] Prevent ARP spoofing Hi, I'm using an ocata release of OpenStack where the option prevent_arp_spoofing can be managed via conf. But later in pike it was removed and it was decided to pr

[openstack-dev] [neutron] Prevent ARP spoofing

2018-03-13 Thread Татьяна Холкина
Hi, I'm using an ocata release of OpenStack where the option prevent_arp_spoofing can be managed via conf. But later in pike it was removed and it was decided to prevent spoofing by default. There are cases where security features should be disabled. As I can see now we can use a port_security opti