Comment 26 for bug 1491644
Revision history for this message
| OpenContrail Admin (ci-admin-f) wrote A change has been merged | #26 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R2.20.x
commit 806037a7bc25ad1
Author: Divakar <email address hidden>
Date: Tue Sep 22 21:59:40 2015 +0530
Replyin to ARP request of ECMP source only if VM is hosted
When an ARP request is received on compute node on fabric interface from
an ECMP source, ARP response is sent with Vhost mac even though the ARP
request is not meant for any VM on that compute node. Because of this,
even if BMS pings another BMS, every compute node receiving this ARP
request is responding with Vhost mac leading to ARP cache poisoning in
BMS.
As a fix, only if ARP request is meant for a VM on compute node, the
response is sent with Vhost mac.
No source IP lookup for ARP requests from BMS
For the packets from VM to an ECMP destination we are forcing the
packets to be L3 routed. When ARP request comes for that VM from one of
the ECMP sources, though we have the stiching for VM's IP we give
Vhost's MAC to route the packets as packets need to be routed in this
direction as well. This functioanlity is added with the fix for the bug
1472796.
But the fix for the above bug should not handle the ARP request coming
from BMS (in TSN) as TSN is never a gateway for BMS. Such ARP request
should be flooded. So the fix is to not force the L3 if ARP request is
from BMS.
Change-Id: I4036dcd6eaf757
closes-bug: #1485804
closes-bug: #1491644