Add static MAC address to
|Category:||Drivers - Network|
I setup an OpenNebula 4.2 with OpenVswitch network, everything works great. Thank you very much.
Some of my VMs run LXC containers with a linux bridges inside and traffic coming from LXC guest is dropped due to MAC-spoofing protection.
As described in the documentation, I could relax the protection.
I wonder if a better solution could be to add additional static MAC addresses on a VM NIC to avoid opening all my OpenVswitch networks to MAC-spoofing.
Additional restrictions could apply:
- the additional static MAC addresses restricted to a list of prefixes
- per group/user authorized prefix list
- prefix delegation: first octet per group, second octet per user
With something like that I could dedicate a prefix per user, I get benefit of MAC-spoofing and permit users to do what they want in their VMs.