On 4/7/16 11:43 AM, Gangadhar Vegesana wrote:
> Clients that support RFC 5227 probe the newly received IP address
> from the DHCP server. These probes should be received by all the VMs on
> the provider network (localnet). I added an entry in the ARP response table
> to do that broadcast with a higher priority value than that of the ARP response
> entries. The ARP probe packets with src=0.0.0.0 should not be dropped.
> As of now there is a check in the ARP spoofing table to drop these packets.
> Added another check to allow these packets.

I don't see the value in enabling RFC 5227 on an OVN provider network.
The most common use of a provider network is to connect with an external
gateway, and in this case the gateway would not want to yield that IP.
The CMS using OVN should not allocate addresses in conflict with a provider
network gateway. While without these ARP probes the provider network
gateway would not learn of the potential address conflicts, allowing an
address conflict, the ARP responder within OVN would override the
provider network gateway ARP entry with the one for the new conflicting
port configured by the CMS. In either case it is an error, and enabling
ARP probes does not solve the problem of a CMS which erroneously
configures a port with a conflicting IP to a provider network gateway.
Perhaps it would be better if OVN could learn provider network gateway
ARP entries and include them in its ARP responder?


-Dustin Lundquist

_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
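
Added example, not part of the original messages and not OVN's flow tables or the patch under discussion: a simplified Python model of the ARP anti-spoofing check the thread describes, showing why an RFC 5227 probe (sender IP 0.0.0.0) is dropped by a strict sender-IP match and what an explicit exception looks like. The function names, MAC and IP values are constructed, and limiting the exception to probes for the port's own address is a choice of this sketch.

```python
import struct
from ipaddress import IPv4Address

ARP_FMT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
ZERO_IP = IPv4Address("0.0.0.0")

def build_arp(oper, sha, spa, tha, tpa):
    """Pack a 28-byte Ethernet/IPv4 ARP payload (used for the samples below)."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, mac(sha),
                       IPv4Address(spa).packed, mac(tha), IPv4Address(tpa).packed)

def parse_arp(payload):
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return {"oper": oper, "sha": sha.hex(":"), "spa": IPv4Address(spa),
            "tha": tha.hex(":"), "tpa": IPv4Address(tpa)}

def is_rfc5227_probe(arp):
    """RFC 5227 probe: ARP request with an all-zero sender IP and a real target IP."""
    return arp["oper"] == 1 and arp["spa"] == ZERO_IP and arp["tpa"] != ZERO_IP

def verdict(payload, port_mac, port_ips, allow_probes):
    """Anti-spoofing decision for one ARP packet entering from a logical port."""
    try:
        arp = parse_arp(payload)
    except (ValueError, struct.error):
        return "drop"                  # malformed or truncated ARP
    if arp["sha"] != port_mac:
        return "drop"                  # sender MAC must always match the port
    if arp["spa"] in port_ips:
        return "forward"               # ordinary ARP from the configured address
    # Sketch's assumption: only probes for an address the port may use pass.
    if allow_probes and is_rfc5227_probe(arp) and arp["tpa"] in port_ips:
        return "flood"                 # a probe has to reach every host on the segment
    return "drop"                      # strict check: spa=0.0.0.0 ends up here

# Constructed sample packets for a port configured with one MAC and one IP.
VM_MAC = "fa:16:3e:00:00:01"
VM_IPS = {IPv4Address("10.0.0.5")}
PROBE = build_arp(1, VM_MAC, "0.0.0.0", "00:00:00:00:00:00", "10.0.0.5")
SPOOF = build_arp(2, VM_MAC, "10.0.0.1", "ff:ff:ff:ff:ff:ff", "10.0.0.1")
```

With `allow_probes=False` the probe takes the final `drop` branch, which is the behaviour the quoted patch description says it changes; the spoofed reply claiming 10.0.0.1 is dropped in both modes.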
