Comment 45 for bug 1902917
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to neutron (stable/rocky) | #45 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Reviewed: https:/
Committed: https:/
Submitter: "Zuul (22348)"
Branch: stable/rocky
commit 9f4a9f8f8672056
Author: Slawek Kaplonski <email address hidden>
Date: Mon Mar 29 22:21:15 2021 +0200
[ovs fw] Restrict IPv6 NA and DHCP(v6) IP and MAC source addresses
Neighbor Advertisments are used to inform other machines of the MAC
address to use to reach an IPv6. This commits prevents VMs from
pretending they are assigned IPv6 they should not use.
It also prevents sending UDP packets with spoofed IP or MAC even using
DHCP(v6) request ports.
Co-authored-by: David Sinquin <email address hidden>
Closes-bug: #1902917
Conflicts:
Change-Id: Iffb66433595624
(cherry picked from commit ca7822e2108c151