On 10 July 2013 21:14, Vishvananda Ishaya <[email protected]> wrote:
>> It used to be essential back when we had nova-network and all tenants
>> ended up on one network. It became less useful when tenants could
>> create their own networks and could use them as they saw fit.
>>
>> It's still got its uses - for instance, it's nice that the metadata
>> server can be sure that a request is really coming from where it
>> claims - but I would very much like it to be possible to, as an
>> option, explicitly disable antispoof - perhaps on a per-network basis
>> at network creation time - and I think we could do this without
>> breaking the security model beyond all hope of usefulness.
>
> Per network and per port makes sense.
>
> After all, this is conceptually the same as enabling or disabling
> port security on your switch.
Bit late on the reply to this, but I think we should be specific on the network, at least at creation time, on what disabling is allowed at port level (default off, may be off, must be on as now). Yes, it's exactly like disabling port security, and you're not always the administrator of your own switch; if we extend the analogy you probably wouldn't necessarily want people turning antispoof off on an explicitly shared-tenant network.

--
Ian.
_______________________________________________
OpenStack-dev mailing list
[email protected]
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
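The three-way per-network setting proposed in the reply above, as an added illustration that is not part of the thread or of Neutron's own code: a small resolver that decides the effective port-security value for a new port from the network's policy, what the port asked for, and whether the network is shared. The policy names, the `Network` type and the rule that a shared network must stay on `must_be_on` are assumptions made for this example.

```python
# Added example (not from the thread or from Neutron): resolve whether a
# port may have antispoof / port security disabled under a per-network
# policy of the kind proposed above. Names are illustrative assumptions.
from dataclasses import dataclass
from typing import Optional

DEFAULT_OFF = "default_off"   # port security off unless the port asks for it
MAY_BE_OFF = "may_be_off"     # on by default, a port may opt out
MUST_BE_ON = "must_be_on"     # behaviour "as now": never disableable

POLICIES = {DEFAULT_OFF, MAY_BE_OFF, MUST_BE_ON}


class PortSecurityPolicyError(ValueError):
    """Raised when a request conflicts with the network's policy."""


@dataclass(frozen=True)
class Network:
    name: str
    policy: str = MUST_BE_ON
    shared: bool = False   # shared-tenant network: a switch you do not administer

    def __post_init__(self) -> None:
        if self.policy not in POLICIES:
            raise ValueError(f"unknown policy {self.policy!r}")
        # Assumption drawn from the reply: on a shared-tenant network nobody
        # should be able to turn antispoof off, so only MUST_BE_ON is accepted.
        if self.shared and self.policy != MUST_BE_ON:
            raise PortSecurityPolicyError(
                f"shared network {self.name!r} must keep port security on")


def resolve_port_security(net: Network, requested: Optional[bool]) -> bool:
    """Return the effective port-security value for a new port on `net`.

    `requested` is what the port creation asked for; None means unspecified.
    Raises PortSecurityPolicyError when the network forbids the request.
    """
    if net.policy == MUST_BE_ON:
        if requested is False:
            raise PortSecurityPolicyError(
                f"network {net.name!r} does not allow disabling port security")
        return True
    if net.policy == MAY_BE_OFF:
        return True if requested is None else requested
    # DEFAULT_OFF: off unless the port explicitly opts in
    return False if requested is None else requested
```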
