Neutron already has max_allowed_address_pair configuration value in neutron
conf.
The default limit is 10. However it's not related to shared networks and is a
limitation per one port.
I think it worth reaching out to openstack-dev mailing list and starting
a thread about this and then file a bug based on discussion.
Marking as invalid
** Changed in: neutron
Status: New => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1373868
Title:
Should we allow all networks use allowed address pairs?
Status in OpenStack Neutron (virtual network service):
Invalid
Bug description:
Now we can add allowed address pair to every net's port if allowed
address pair is enable.
This will cause security problem in a shared network, I think.
So we should add an limit for shared net or add a config entry in
neutron.conf, so administrator
can disables some net's ports' allowed address pairs.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1373868/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
