Re: [ovirt-users] vlan-tagging on non-tagged network
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 19/08/15 12:55, Juan Pablo Lorier wrote:
Hi,
My two cents is that shouldn’t be doing mac spoofing protection as
a default. There are several use cases where you may use virtual
nics defined withing the guest and this feature is going to create
problems to users that may not know that there’s a mac spoofing
protection withing ovirt. Think of keeaplived vmac option, openvpn
and any tap adapter you need to create. If you need to protect
against spoofing attacks, you should use the hook or more powerful
tools and in any case, you must be aware that you used this kind of
protection. Regards,
I disagree:
This violates the "secure by default" design pattern.
The default should be secure, furthermore, it was so in every ovirt
release before, so it would be a sudden change.
if you need such advanced network setups in your guests you should be
able to search the documentation.
- --
Mit freundlichen Grüßen / Regards
Sven Kieske
Systemadministrator
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 6
32339 Espelkamp
T: +495772 293100
F: +495772 293333
https://www.mittwald.de
Geschäftsführer: Robert Meyer
St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhaus
en
Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad
Oeynhausen
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBAgAGBQJV1HUjAAoJEMby9TMDAbQR0yEP/0it0Mh2p3EeBUG32uprxGcb
BC0D6QIGIBBLaZutrXSsOYLOlwK+QMTYDneo7S8wbHMLnTgig2fgByF8EJ0f2hg8
ELRsDhGKaKPyGPevJ3i1VUg1A43sBVSAedFAdcpTQjtZKImrOROgu2uquwkeBsju
9+Lwp5nRa64vxeZkyc93Bof3K1LP0L0FV9y3WwoGVd7UdZ2hw+k/4tyVeTRBWybS
phiEPWY9zmfCGOsztfs2LfmVMXtHjgCKpqySlpKuMVFwN0w6jMXst7tK18OU+B1i
2hp0MY79jZQqTW/gc0RK7lQVZjZjphVeyQv9yKIfEA0y8DD2H7XgzfS860Htx+ng
JTRt+iI4VYVaxUtRr3oxPBPoUVG4y4MmtQYUtnG8m5aY9pgrYjeCQIeoyZS5AWxA
Y7gHJpdlBPFNxRdOYI1KNk2RvSxRuzZZ6AgP7gOJXHTylqo0DdIF5xI+vtGteyyX
xaeikGSo0Dcq+FYgwA/qfDRCTXl0TWobvVYcJLch71jJtqZKbcw8TNCbZs8pLJvD
bRM1hy2rLCXD51ieTo/r8uFhE6OuHjUTbRbrBqNlOVMRyCIZuYE0t0Ct5rGTH37t
TVge3Je4o+xF40TdbTA6I29Erl50oZZW+qZg/E2S36bQL7qV55+qvfzTvU64wK9i
pBqXJP7nAFV8vCCrxctX
=qWrQ
-----END PGP SIGNATURE-----