Commit 32f5ebb06226 limited the ARP/ND broadcast domain but in scenarios where ARP responder flows are installed only on chassis that own the associated logical ports ARP requests should still be forwarded on localnet ports because the router pipeline should be executed on the chassis that owns the logical port. Only that chassis will reply to the ARP/ND request.
Reported-by: Michael Plato <[email protected]> Reported-at: https://mail.openvswitch.org/pipermail/ovs-discuss/2020-March/049856.html Fixes: 32f5ebb06226 ("ovn-northd: Limit ARP/ND broadcast domain whenever possible.") Signed-off-by: Dumitru Ceara <[email protected]> --- northd/ovn-northd.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c index f648d2e..b76df05 100644 --- a/northd/ovn-northd.c +++ b/northd/ovn-northd.c @@ -5903,8 +5903,12 @@ build_lswitch_rport_arp_req_flow_for_ip(struct sset *ips, ds_put_cstr(&match, "}"); /* Send a the packet only to the router pipeline and skip flooding it - * in the broadcast domain. + * in the broadcast domain (except for the localnet port). */ + if (od->localnet_port) { + ds_put_format(&actions, "clone { outport = %s; output; }; ", + od->localnet_port->json_key); + } ds_put_format(&actions, "outport = %s; output;", patch_op->json_key); ovn_lflow_add_with_hint(lflows, od, S_SWITCH_IN_L2_LKUP, priority, ds_cstr(&match), ds_cstr(&actions), stage_hint); -- 1.8.3.1 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
