Port security enabled=True is not respected
Bug #1459343 reported by
Dmitry Ratushnyy
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Expired
|
Undecided
|
Unassigned |
Bug Description
It is possible to send traffic through port with port_security_
Steps to reproduce.
1) Create three VMS on one network:
Guest os:
ubuntu-14.04
"destination" VM to ping (10.100.0.3)
"router" VM to send traffic through (10.100.0.2)
"source" VM that will ping "destination" VM(10.100.0.1)
2) On source VM add route to destination via router ( sudo ip route add 10.100.0.3 via 10.100.0.2)
3) On "router" VM set net.ipv4.ip_forward = 1 (sudo sysctl net.ipv4.ip_forward = 1)
4) On "destination" VM add route to 'source' via router ( sudo ip route add 10.100.0.1 via 10.100.0.2)
5) Start to ping "destination" on "source" VM.
5.1) Check traffic on all VMs
To post a comment you must log in.
6) Check that port on "router" VM has port_security_ enabled= True and there is security group attached