Replyin to ARP request of ECMP source only if VM is hosted
When an ARP request is received on compute node on fabric interface from
an ECMP source, ARP response is sent with Vhost mac even though the ARP
request is not meant for any VM on that compute node. Because of this,
even if BMS pings another BMS, every compute node receiving this ARP
request is responding with Vhost mac leading to ARP cache poisoning in
BMS.
As a fix, only if ARP request is meant for a VM on compute node, the
response is sent with Vhost mac.
Reviewed: https:/ /review. opencontrail. org/17481 github. org/Juniper/ contrail- vrouter/ commit/ 737a135f6cd3fc2 638ed4b5fe20395 34a5d4f553
Committed: http://
Submitter: Zuul
Branch: R2.20
commit 737a135f6cd3fc2 638ed4b5fe20395 34a5d4f553
Author: Divakar <email address hidden>
Date: Tue Sep 22 21:59:40 2015 +0530
Replyin to ARP request of ECMP source only if VM is hosted
When an ARP request is received on compute node on fabric interface from
an ECMP source, ARP response is sent with Vhost mac even though the ARP
request is not meant for any VM on that compute node. Because of this,
even if BMS pings another BMS, every compute node receiving this ARP
request is responding with Vhost mac leading to ARP cache poisoning in
BMS.
As a fix, only if ARP request is meant for a VM on compute node, the
response is sent with Vhost mac.
Change-Id: Iae8541c8404d6e 6ce530f994b64b0 3dc0cd73170
closes-bug: #1491644