I have a k8s cluster deployed in OpenStack which for communication uses internal network and only the Master nodes have floating IP's in the external network. I am trying to use MetalLB load balancer(not really a load balancer) to whom I have assigned an segment of the external network in OpenStack and I have used a Floating IP assigned to MetalLB controller to provide access to that subnet from outside. I am trying to use it on L2 which is sending out replies to ARP requests with the MAC address of the node that has won the leader election. I have disabled port security for all The instances in OS like in neutron-port-security setting On the elected node of MetalLB or on the controller I should see ARP request using a command like :
tcpdump -i eth99 arp and arp[6:2] == 2
I know ARP spoofing is disabled but isnt removing port security going to resolve that ? I have tested in another environment where VMs where hosted in VMware and everything worked. Thank you!
