from: Ramu Ramamurthy <ramu.ramamur...@us.ibm.com> Currently, arping from a vtep-gw physical-switch port to a VIF IP address does not work.
When a physical-switch-port arps for an IP address of a VIF, that arp packet comes into the VIF hypervisor via a vxlan tunnel. That arp packet must not be responded-to by the arp responder table because, potentially, multiple hypervisors could independently respond and confuse L2 learning at the arp originator. Signed-off-by: Ramu Ramamurthy <ramu.ramamur...@us.ibm.com> Signed-off-by: Darrell Ball <dlu...@gmail.com> Co-authored-by: Darrell Ball <dlu...@gmail.com> --- ovn/northd/ovn-northd.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/ovn/northd/ovn-northd.c b/ovn/northd/ovn-northd.c index 07c7b2d..ea6aec9 100644 --- a/ovn/northd/ovn-northd.c +++ b/ovn/northd/ovn-northd.c @@ -2844,13 +2844,15 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports, } /* Ingress table 10: ARP/ND responder, skip requests coming from localnet - * ports. (priority 100). */ + * and vtep ports. (priority 100); see ovn-northd.8.xml for the + * rationale. */ HMAP_FOR_EACH (op, key_node, ports) { if (!op->nbsp) { continue; } - if (!strcmp(op->nbsp->type, "localnet")) { + if ((!strcmp(op->nbsp->type, "localnet")) || + (!strcmp(op->nbsp->type, "vtep"))) { ds_clear(&match); ds_put_format(&match, "inport == %s", op->json_key); ovn_lflow_add(lflows, op->od, S_SWITCH_IN_ARP_ND_RSP, 100, -- 1.9.1 _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev