Anti IP spoofing doesn't work
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenContrail |
Fix Committed
|
Undecided
|
Prabhjot Singh Sethi |
Bug Description
I can spoof IP from a network in certain case.
Reproduce:
Spoof works:
==========
1. Create a private network with an associated subnet
2. Boot 2 VMs with a NIC on the private network
3. From the first VM change the IP to an IP unused on the subnet and send a ping to the IP of the second VM
4. From the second VM sniff the interface and confirm you received the ICMP request with the spoofing IP as source
Spoofs does not work:
==================
1. Create a private network with an associated subnet
2. Boot 3 VMs with a NIC on the private network
3. From the first VM change the IP to the IP set on second VM and send a ping to the IP of the third VM
4. From the third VM sniff the interface and confirm you did not receive the ICMP request
tags: | added: vrouter |
fix committed. /github. com/Juniper/ contrail- controller/ pull/476
https:/