On Mon, May 11, 2015 at 02:12:22PM -0400, Christopher Young wrote:
I'm working on some load-balancing solutions and they appear to require MAC spoofing. I did some searching and reading and as I understand it, you can disable the MAC spoofing protection through a few methods.
I was wondering about the best manner to enable this for the VMs that require it and not across the board (if that is even possible). I'd like to just allow my load-balancer VMs to do what they need to, but keep the others untouched as a security mechanism.
If anyone has any advice on the best method to handle this scenario, I would greatly appreciate it. It seems that this might turn into some type of feature request, though I'm not sure if this is something that has to be done at the Linux bridge level, the port level, or the VM level. Any explanations into that would also help in my education.
You can enable mac spoofing per VM or per vNIC using vdsm-hook-macspoof. See more details on the hook's README file https://gerrit.ovirt.org/gitweb?p=vdsm.git;a=blob;f=vdsm_hooks/macspoof/READ...