Hi, check prevent_arp_spoofing and set it to False, [1]
BR, Konstantin [1] http://docs.openstack.org/mitaka/config-reference/networking/networking_options_reference.html > -----Original Message----- > From: Артем Плакунов [mailto:[email protected]] > Sent: Friday, October 07, 2016 7:59 PM > To: [email protected] > Subject: [Openstack] How to disable anti-spoofing rules on router? > > Hello everyone. > I found out that openstack router drops packets going from it's internal > network > into the Internet if the source IP address in the packet does not belong to > router's internal subnet. > > I tried to disable security groups globally and set port_security_enabled to > False > on the router's port but this did not help. > tcpdump on router's internal interface shows packets arriving fine, but > nothing > goes outside. Packets are probably dropped somewhere within router's iptables > rules but I couldn't find exact rule that does this. > > Is there a way around this behavior? Or maybe someone can direct me to the > exact iptables rule? > > _______________________________________________ > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : [email protected] > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : [email protected] Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
