review.fuel-infra Code Review - openstack-build/neutron-build.git/commit

author	Yalei Wang <yalei.wang@intel.com>
	Fri, 7 Aug 2015 14:43:30 +0000 (22:43 +0800)
committer	Yalei Wang <yalei.wang@intel.com>
	Thu, 20 Aug 2015 13:34:50 +0000 (21:34 +0800)
commit	d4c52b7f5a36a103a92bf9dcda7f371959112292
tree	8d1bbda9c52b5cc0e726facfd2f391475ce9e846	tree \| snapshot
parent	d6742d48b09951cee6ff582a983e1841852e407f	commit \| diff

Add support for unaddressed port

Neutron could create a port without the IP address when the network doesn't
have a subnet. In this case, neutron will have no L3 knowledgee and we need
remove the L3 filter on it but reserve the L2 filter if there is.
This patch will make L2 agent verify the fixed_ips before converting the
security-group-rules into firewall rules, L3 rules in it will be removed.
And filter like arp-spoofing will be disabled for this port.

Partially Implements: blueprint vm-without-l3-address
Change-Id: I5cd1fdfa13a7e57258be7251768eaa8ba64d486e

neutron/agent/linux/iptables_firewall.py		diff \| blob \| history
neutron/plugins/ml2/drivers/openvswitch/agent/ovs_neutron_agent.py		diff \| blob \| history
neutron/tests/unit/agent/linux/test_iptables_firewall.py		diff \| blob \| history
neutron/tests/unit/plugins/ml2/drivers/openvswitch/agent/test_ovs_neutron_agent.py		diff \| blob \| history