[Users] disable EnableMACAntiSpoofingFilterRules per VM
Assaf Muller
amuller at redhat.com
Thu Dec 26 09:06:19 UTC 2013
> what will be the default action for my VMs? Filter or not filter?
> So I gave to alter EnableMACAntiSpoofingFilterRules as well?
The default is to filter. You'll have to add a VM or VNIC custom property
and set the value to False whenever you want to disable the filtering.
> What about conflicting values between VM and VNIC. Which has precedence
> over the other?
You would think that anything VNIC specific would take precedence, but with
how the code is implemented at this time, before_device_create is called
for all devices, and before_vm_create is called after that. That means
that whatever is defined at the VM level will take precedence.
Assaf Muller, Cloud Networking Engineer
Red Hat
----- Original Message -----
From: "Kapetanakis Giannis" <bilias at edu.physics.uoc.gr>
To: "users at oVirt.org" <users at ovirt.org>
Sent: Wednesday, December 25, 2013 5:44:47 PM
Subject: Re: [Users] disable EnableMACAntiSpoofingFilterRules per VM
On 25/12/13 17:26, Assaf Muller wrote:
> Yep!
>
> Here you go:
> 'yum install vdsm-hook-macspoof' on all hosts, then following the instructions here:
> https://github.com/oVirt/vdsm/blob/master/vdsm_hooks/macspoof/README
>
> You can disable the filter on a VM or VNIC level.
>
>
> Assaf Muller, Cloud Networking Engineer
> Red Hat
Thanks for the quick reply.
That looks very cool :)
Just to understand better because the instructions are not clear on that.
Suppose I install the package and add
engine-config -s
UserDefinedVMProperties='previousProperties;macspoof=^(true|false)$'
--cver=3.3
what will be the default action for my VMs? Filter or not filter?
So I gave to alter EnableMACAntiSpoofingFilterRules as well?
I mean do I have to explicitly define macspoof=true on all the VMs
except the VMs I don't need filtering
or the opposite -> filter by default and set macspoof=false in the VM I
don't need filtering?
I guess the same applies for VNIC.
What about conflicting values between VM and VNIC. Which has precedence
over the other?
Thanks
G
_______________________________________________
Users mailing list
Users at ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
More information about the Users
mailing list