Anti IP spoofing doesn't work
Bug #1295205 reported by
Édouard Thuleau
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenContrail |
Fix Committed
|
Undecided
|
Prabhjot Singh Sethi | ||
Bug Description
I can spoof IP from a network in certain case.
Reproduce:
Spoof works:
==========
1. Create a private network with an associated subnet
2. Boot 2 VMs with a NIC on the private network
3. From the first VM change the IP to an IP unused on the subnet and send a ping to the IP of the second VM
4. From the second VM sniff the interface and confirm you received the ICMP request with the spoofing IP as source
Spoofs does not work:
==================
1. Create a private network with an associated subnet
2. Boot 3 VMs with a NIC on the private network
3. From the first VM change the IP to the IP set on second VM and send a ping to the IP of the third VM
4. From the third VM sniff the interface and confirm you did not receive the ICMP request
Revision history for this message
| Prabhjot Singh Sethi (prabhjot) wrote | #1 |
| Changed in opencontrail: | |
| assignee: | nobody → Prabhjot Singh Sethi (prabhjot) |
| status: | New → Fix Committed |
| tags: | added: vrouter |
To post a comment you must log in.
fix committed.
https:/