[ovs-discuss] Anti-spoof rules with vlans on XCP (XENSERVER)...

Kristoffer Egefelt dr.fersken at gmail.com
Thu May 5 07:13:59 UTC 2011

Ah, that could be the problem.
I don't have a controller - I think the fail-open default changed from xcp
0.5 to 1.0.

Anybody using a controller for xcp/xenserver which is pool-aware and capable
of setting up antispoofing rules? Any ideas or suggestions would be

Thanks :-)


On Mon, May 2, 2011 at 10:01 PM, Ben Pfaff <blp at nicira.com> wrote:

> On Mon, May 02, 2011 at 01:43:36PM +0200, Kristoffer Egefelt wrote:
> > I'm trying to add rules to ovs to prevent virtual machines stealing ip
> > addresses from each other.
> > Using XCP, based on XENSERVER 5.6fp1 with ovs version 1.0.2.
> Your setup looks OK to me.  I see that none of your rules have any
> hits.  That's odd--it seems likely that the switch has fallen into
> "fail open" mode.  Do you have a controller configured?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20110505/2f89a11a/attachment.html>

More information about the discuss mailing list