On 03/05/2026 10:35, Danielle Ratson wrote:
The existing neighbor suppression unconditionally suppresses gratuitous ARPs and unsolicited Neighbor Advertisements, which prevents fast mobility of hosts between VTEPs.Add the neigh_forward_grat option to allow selective control of gratuitous neighbor announcements. When neigh_suppress is enabled but neigh_forward_grat is disabled (default), gratuitous announcements are suppressed. When neigh_forward_grat is enabled, gratuitous announcements are forwarded while regular neighbor discovery remains suppressed. The implementation provides per-output-port control by: 1. Adding a 'grat_arp' flag to BR_INPUT_SKB_CB to mark gratuitous ARPs and unsolicited NAs. 2. Setting both grat_arp and proxyarp_replied flags in br_do_proxy_suppress_arp() and br_do_suppress_nd() when gratuitous packets are detected. 3. Checking neigh_forward_grat per output port during flooding: - For gratuitous ARPs/NAs: suppress unless the output port has neigh_forward_grat enabled. - For regular ARPs/NDs: maintain existing behavior. This allows gratuitous announcements from any input port to be selectively forwarded based on each output port's individual neigh_forward_grat setting, enabling gratuitous neighbor announcements to be flooded to the VXLAN fabric. Regular neighbor discovery (ARP requests, NS queries, solicited replies) remains controlled by neigh_suppress and is unaffected. Signed-off-by: Danielle Ratson <[email protected]> Reviewed-by: Ido Schimmel <[email protected]> Reviewed-by: Petr Machata <[email protected]> --- net/bridge/br_arp_nd_proxy.c | 22 ++++++++++++++++++++++ net/bridge/br_forward.c | 15 +++++++++++---- net/bridge/br_private.h | 2 ++ 3 files changed, 35 insertions(+), 4 deletions(-)
Acked-by: Nikolay Aleksandrov <[email protected]>
