| Message ID | 1478279178-36041-2-git-send-email-dlu998@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
On Fri, Nov 04, 2016 at 10:06:16AM -0700, Darrell Ball wrote: > from: Ramu Ramamurthy <ramu.ramamurthy@us.ibm.com> > > Currently, arping from a vtep-gw physical-switch port to > a VIF IP address does not work. > > When a physical-switch-port arps for an IP address > of a VIF, that arp packet comes into the VIF hypervisor via a > vxlan tunnel. That arp packet must not be responded-to by the > arp responder table because, potentially, multiple hypervisors > could independently respond and confuse L2 learning at the > arp originator. > > Signed-off-by: Ramu Ramamurthy <ramu.ramamurthy@us.ibm.com> > Signed-off-by: Darrell Ball <dlu998@gmail.com> > Co-authored-by: Darrell Ball <dlu998@gmail.com> Thanks Ramu and Darrell, I applied this to master and branch-2.6.
diff --git a/ovn/northd/ovn-northd.c b/ovn/northd/ovn-northd.c index 07c7b2d..ea6aec9 100644 --- a/ovn/northd/ovn-northd.c +++ b/ovn/northd/ovn-northd.c @@ -2844,13 +2844,15 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, } /* Ingress table 10: ARP/ND responder, skip requests coming from localnet - * ports. (priority 100). */ + * and vtep ports. (priority 100); see ovn-northd.8.xml for the + * rationale. */ HMAP_FOR_EACH (op, key_node, ports) { if (!op->nbsp) { continue; } - if (!strcmp(op->nbsp->type, "localnet")) { + if ((!strcmp(op->nbsp->type, "localnet")) || + (!strcmp(op->nbsp->type, "vtep"))) { ds_clear(&match); ds_put_format(&match, "inport == %s", op->json_key); ovn_lflow_add(lflows, op->od, S_SWITCH_IN_ARP_ND_RSP, 100,