Uploaded image for project: 'OpenShift Core Networking'
  1. OpenShift Core Networking
  2. CORENET-6029

Disable port security (macspoofchk check equivalent) in OVN-Kubernetes

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • None
    • disable-port-security-ovn-kubernetes
    • Product / Portfolio Work
    • OCPSTRAT-2213Ability to Opt-out of MAC spoof filtering on OVN-Kubernetes UDNs
    • 100% To Do, 0% In Progress, 0% Done
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected
    • None
    • None
    • None

      Template:

      Networking Definition of Planned

      Epic Template descriptions and documentation

      Epic Goal

      Provide a way for users to disable their port security check in OVN. Example traffic from nested virtualization i.e multiple MAC addresses can egress over the OVN port.

      Why is this important?

      Allow users to connect to secondary networks using any arbitrary MAC without getting packets droped (which is what happens today)

      Planning Done Checklist

      The following items must be completed on the Epic prior to moving the Epic from Planning to the ToDo status

      • Priority+ is set by engineering
      • Epic must be Linked to a +Parent Feature
      • Target version+ must be set
      • Assignee+ must be set
      • (Enhancement Proposal is Implementable
      • (No outstanding questions about major work breakdown
      • (Are all Stakeholders known? Have they all been notified about this item?
      • Does this epic affect SD? {}Have they been notified{+}? (View plan definition for current suggested assignee)
        1. Please use the “Discussion Needed: Service Delivery Architecture Overview” checkbox to facilitate the conversation with SD Architects. The SD architecture team monitors this checkbox which should then spur the conversation between SD and epic stakeholders. Once the conversation has occurred, uncheck the “Discussion Needed: Service Delivery Architecture Overview” checkbox and record the outcome of the discussion in the epic description here.
        2. The guidance here is that unless it is very clear that your epic doesn’t have any managed services impact, default to use the Discussion Needed checkbox to facilitate that conversation.

      Additional information on each of the above items can be found here: Networking Definition of Planned

      Acceptance Criteria

      • CI - MUST be running successfully with tests automated
      • Release Technical Enablement - Provide necessary release enablement
        details and documents.

      ...

      Dependencies (internal and external)

      1.

      ...

      Previous Work (Optional):

      1. …

      Open questions::

      1. …

      Done Checklist

      • CI - CI is running, tests are automated and merged.
      • Release Enablement <link to Feature Enablement Presentation>
      • DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
      • DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
      • DEV - Downstream build attached to advisory: <link to errata>
      • QE - Test plans in Polarion: <link or reference to Polarion>
      • QE - Automated tests merged: <link or reference to automated tests>
      • DOC - Downstream documentation merged: <link to meaningful PR>

              Unassigned Unassigned
              sseethar Surya Seetharaman
              None
              None
              None
              None
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: