Port security enabled=True is not respected
Bug #1459343 reported by
Dmitry Ratushnyy
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| neutron |
Expired
|
Undecided
|
Unassigned | ||
Bug Description
It is possible to send traffic through port with port_security_
Steps to reproduce.
1) Create three VMS on one network:
Guest os:
ubuntu-14.04
"destination" VM to ping (10.100.0.3)
"router" VM to send traffic through (10.100.0.2)
"source" VM that will ping "destination" VM(10.100.0.1)
2) On source VM add route to destination via router ( sudo ip route add 10.100.0.3 via 10.100.0.2)
3) On "router" VM set net.ipv4.ip_forward = 1 (sudo sysctl net.ipv4.ip_forward = 1)
4) On "destination" VM add route to 'source' via router ( sudo ip route add 10.100.0.1 via 10.100.0.2)
5) Start to ping "destination" on "source" VM.
5.1) Check traffic on all VMs
Revision history for this message
| Dmitry Ratushnyy (dmitry-ratushnyy) wrote | #1 |
Revision history for this message
| Kevin Benton (kevinbenton) wrote | #2 |
Revision history for this message
| Dmitry Ratushnyy (dmitry-ratushnyy) wrote | #3 |
Revision history for this message
| Armando Migliaccio (armando-migliaccio) wrote | #4 |
| Changed in neutron: | |
| status: | New → Incomplete |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #5 |
| Changed in neutron: | |
| status: | Incomplete → Expired |
To post a comment you must log in.
6) Check that port on "router" VM has port_security_