Feature #3387
Make OpenNebulaNetwork.conf settings overridable per network
| Status: | Closed | Start date: | 11/28/2014 | |
|---|---|---|---|---|
| Priority: | High | Due date: | ||
| Assignee: |  Javi Fontan | % Done: | 0% | |
| Category: | Drivers - Network | |||
| Target version: | Release 5.4 | |||
| Resolution: | fixed | Pull request: |
Description
Hello,
We setup a new 4.10.1 ONE and would like to make some configuration specific to a single network.
Actually, we have to modify /var/lib/one/remotes/vnm/OpenNebulaNetwork.conf which is applied to all networks.
It could be interesting to have per network settings for MAC spoofing and arp cache poisoning.
I think each settings in CONF could be upper-cased and merged with the network configuration, with the per network configuration overriding the global one.
Regards.
Related issues
Associated revisions
F #3387: parse and merge options from vnet CONF
F #3387: validate vlan id only when enabled in conf
F #3387: parse options into hash instead of array
F #3387: add oned.conf changes for vnet options
History
#1
Updated by EOLE Team over 6 years ago
Related to #2348.
#2
Updated by Ruben S. Montero over 6 years ago
- Tracker changed from Request to Backlog
- Category set to Drivers - Network
- Priority changed from Normal to High
Make sense...
#3
Updated by EOLE Team over 5 years ago
Maybe we can use FILTER_IP_SPOOFING and FILTER_MAC_SPOOFING ?
Regards.
#4
Updated by Ruben S. Montero almost 5 years ago
- Tracker changed from Backlog to Feature
- Target version set to Release 5.2
Also consider arp/mac spoofing for openvswitch:
https://forum.opennebula.org/t/question-about-ovs-vnets-and-arp-cache-poisoning-option/2664
#5
Updated by EOLE Team almost 5 years ago
May we have restricted attributes per VM too?
Regards.
#6
Updated by Ruben S. Montero almost 5 years ago
- Target version changed from Release 5.2 to Release 5.4
#7
Updated by Ruben S. Montero almost 5 years ago
- Related to Bug #4727: Openvswitch driver always add mac spoofing rules added
#8
Updated by Ruben S. Montero almost 5 years ago
- Related to Bug #4680: Ebtables filtering too strict (can't talk to non-ONe hosts on the same network) added
#9
Updated by Javi Fontan over 4 years ago
- Assignee set to Javi Fontan
#10
Updated by Javi Fontan about 4 years ago
- Status changed from Pending to Closed
- Resolution set to fixed
################################################################################ # Bridge and Interface Creation Options ################################################################################ # # These options will execute brctl commands with these values. For example, # this option will execute: # # brctl stp <bridge name> on # # :bridge_conf: # :stp: on # # These options will be added to the ip link add command. For example: # # sudo ip link add lxcbr0.260 type vxlan id 260 group 239.0.101.4 \ # ttl 16 dev lxcbr0 udp6zerocsumrx tos 3 # # :ip_link_conf: # :udp6zerocsumrx: # :tos: 3 ################################################################################ # Overriding Options in Network Template ################################################################################ # # Option can be overridden or added per network using this format # in the network template: # # CONF="vxlan_mc=239.0.100.0,test=false,validate_vlan_id=true" # BRIDGE_CONF="sethello=6" # IP_LINK_CONF="tos=10,udpcsum=,udp6zerocsumrx=__delete__" # # Options can have empty value when they don't need a parameter. Also the # special value "__delete__" can be used to delete parameters set here.