[Users] disable EnableMACAntiSpoofingFilterRules per VM
amuller at redhat.com
Thu Dec 26 09:06:19 UTC 2013
> what will be the default action for my VMs? Filter or not filter?
> So I gave to alter EnableMACAntiSpoofingFilterRules as well?
The default is to filter. You'll have to add a VM or VNIC custom property
and set the value to False whenever you want to disable the filtering.
> What about conflicting values between VM and VNIC. Which has precedence
> over the other?
You would think that anything VNIC specific would take precedence, but with
how the code is implemented at this time, before_device_create is called
for all devices, and before_vm_create is called after that. That means
that whatever is defined at the VM level will take precedence.
Assaf Muller, Cloud Networking Engineer
----- Original Message -----
From: "Kapetanakis Giannis" <bilias at edu.physics.uoc.gr>
To: "users at oVirt.org" <users at ovirt.org>
Sent: Wednesday, December 25, 2013 5:44:47 PM
Subject: Re: [Users] disable EnableMACAntiSpoofingFilterRules per VM
On 25/12/13 17:26, Assaf Muller wrote:
> Here you go:
> 'yum install vdsm-hook-macspoof' on all hosts, then following the instructions here:
> You can disable the filter on a VM or VNIC level.
> Assaf Muller, Cloud Networking Engineer
> Red Hat
Thanks for the quick reply.
That looks very cool :)
Just to understand better because the instructions are not clear on that.
Suppose I install the package and add
what will be the default action for my VMs? Filter or not filter?
So I gave to alter EnableMACAntiSpoofingFilterRules as well?
I mean do I have to explicitly define macspoof=true on all the VMs
except the VMs I don't need filtering
or the opposite -> filter by default and set macspoof=false in the VM I
don't need filtering?
I guess the same applies for VNIC.
What about conflicting values between VM and VNIC. Which has precedence
over the other?
Users mailing list
Users at ovirt.org
More information about the Users