Details
-
Enquiry
-
Resolution: Unresolved
-
Major
-
None
-
7.5
-
None
-
I have XenServer 7.1 pool.
While deploying new VM I'm setting such params over XAPI
vif-locking-mode=locked
ipv4-allowed=x.x.x.x
Description
I faced with problem of rogue DHCP server, that gives to VMs wrong IP addresses.
I found only one solution for XenServer to prevent rogue DHCP server.
It is DVS Controller.
I deployed DVS Controller from Xenserver 7.5 and set policy to block rogue DHCP server.
Now it is all OK with DHCP, but now I can not set vif-locking-mode=locked because of error
"You attempted an operation that was not allowed.
reason: A vswitch controller is active"
At same time I can set any other "vif-locking-mode" type (unlocked,disabled,networ-default), but not "locked".....
So, the question is how to set vif-locking-mode=locked to prevent IP spoofing while DVS Controller is active?!
I cannot find any infomation about this situation at oficial docs.
Thank you,
Sergey