Re: [Openstack] Disable Mac and IP spoof protection

2017-03-09 Thread Sterdnot Shaken 
That was it!!! Worked perfectly! Thank you very much Akihiro and Yura!

On Thu, Mar 9, 2017 at 3:25 AM, Akihiro Motoki  wrote:

> 2017-03-09 16:59 GMT+09:00 Yura Poltoratskiy :
> > Hi.
> >
> > We have OpenVZ as an instance, so there are many ip addresses on the
> > instance. The only thing that I've done was disabling PortSecurity.
> >
> > If I'm correct, there is no way to update port for disabling PortSec, one
> > have to delete port and to create a new with
> > "--port-security-enabled=False".
>
> You don't need to delete a port.
> You can set port_security_enabled to False by:
>
> neutron port-update  --port-security-enabled=False
>
> or
>
> openstack port set --disable-port-security 
>
> >
> > 09.03.2017 03:18, Sterdnot Shaken пишет:
> >>
> >> Is there a way to disable Mac and IP spoof protection for just 1
> instance?
> >>
> >>
> >> I want to run an L2TP server on that instance so I can merge a remote
> >> (over the internet) broadcast domain at a customer site with a Openstack
> >> tenant network. To do this though, I need Openstack to allow n number of
> >> MAC addresses and IP's to be allowed out the instances port, which
> >> IP/MAC spoofing is preventing...
> >>
> >>
> >> Any ideas?
> >>
> >>
> >> Thanks in advance!!
> >>
> >>
> >>
> >> ___
> >> Mailing list:
> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >> Post to : openstack@lists.openstack.org
> >> Unsubscribe :
> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >>
> >
> > ___
> > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/
> openstack
> > Post to : openstack@lists.openstack.org
> > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/
> openstack
>
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/
> openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/
> openstack
>
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Disable Mac and IP spoof protection

2017-03-09 Thread Akihiro Motoki 
2017-03-09 16:59 GMT+09:00 Yura Poltoratskiy :
> Hi.
>
> We have OpenVZ as an instance, so there are many ip addresses on the
> instance. The only thing that I've done was disabling PortSecurity.
>
> If I'm correct, there is no way to update port for disabling PortSec, one
> have to delete port and to create a new with
> "--port-security-enabled=False".

You don't need to delete a port.
You can set port_security_enabled to False by:

neutron port-update  --port-security-enabled=False

or

openstack port set --disable-port-security 

>
> 09.03.2017 03:18, Sterdnot Shaken пишет:
>>
>> Is there a way to disable Mac and IP spoof protection for just 1 instance?
>>
>>
>> I want to run an L2TP server on that instance so I can merge a remote
>> (over the internet) broadcast domain at a customer site with a Openstack
>> tenant network. To do this though, I need Openstack to allow n number of
>> MAC addresses and IP's to be allowed out the instances port, which
>> IP/MAC spoofing is preventing...
>>
>>
>> Any ideas?
>>
>>
>> Thanks in advance!!
>>
>>
>>
>> ___
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : openstack@lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Disable Mac and IP spoof protection

2017-03-09 Thread Yura Poltoratskiy 

Hi.

We have OpenVZ as an instance, so there are many ip addresses on the 
instance. The only thing that I've done was disabling PortSecurity.


If I'm correct, there is no way to update port for disabling PortSec, 
one have to delete port and to create a new with 
"--port-security-enabled=False".


09.03.2017 03:18, Sterdnot Shaken пишет:

Is there a way to disable Mac and IP spoof protection for just 1 instance?


I want to run an L2TP server on that instance so I can merge a remote
(over the internet) broadcast domain at a customer site with a Openstack
tenant network. To do this though, I need Openstack to allow n number of
MAC addresses and IP's to be allowed out the instances port, which
IP/MAC spoofing is preventing...


Any ideas?


Thanks in advance!!



___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack



___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] Disable Mac and IP spoof protection

2017-03-08 Thread Sterdnot Shaken 
Is there a way to disable Mac and IP spoof protection for just 1 instance?


I want to run an L2TP server on that instance so I can merge a remote (over
the internet) broadcast domain at a customer site with a Openstack tenant
network. To do this though, I need Openstack to allow n number of MAC
addresses and IP's to be allowed out the instances port, which IP/MAC
spoofing is preventing...


Any ideas?


Thanks in advance!!
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack