Comment 26 for bug 1866445

Is this truly fixed? The patch doesn't seem to fix the underlying issue at hand - ingress MACs (coming from br-vlan or br-tun) are NOT learned by br-int.

Also what are the implications of turning on this setting? The commit states:

"A new config option ``explicitly_egress_direct``, with default value False,
    was added for the aim of distinguishing clouds which are running the
    network node mixed with compute services, upstream neutron CI should be
    an example. In such situation, this ``explicitly_egress_direct`` should be
    set to False, because there are numerous cases from HA routers which can
    not be covered, particularly when you have centralized floating IPs running
    in such mixed hosts.
    Otherwise, set ``explicitly_egress_direct`` to True to avoid the flooding.
    One more note is if your network nodes are for networing services only, we
    recommand you disable all the security_group to get a higher performance."

I take that to say on a network node mixed with compute services it should be set to False. But isn't that the case for every node in DVR? The compute node hosts qrouter, fip router, and can also host dhcp services.

Or does it mean we not supposed to enable this setting on hosts with dvr_snat mode for l3-agent? The message states something about centralized fips - which are hosting on the snat router/node.