ovn: Fix arping from vtep-gw physical port.

Currently, arping from a vtep-gw physical-switch port to a VIF IP address does not work. When a physical-switch-port arps for an IP address of a VIF, that arp packet comes into the VIF hypervisor via a vxlan tunnel. That arp packet must not be responded-to by the arp responder table because, potentially, multiple hypervisors could independently respond and confuse L2 learning at the arp originator. Signed-off-by: Ramu Ramamurthy <[email protected]> Signed-off-by: Darrell Ball <[email protected]> Co-authored-by: Darrell Ball <[email protected]> Signed-off-by: Ben Pfaff <[email protected]>
geddings · Nov 28, 2016 · 0b07728 · 0b07728
1 parent ae2b483
commit 0b07728
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/ovn/northd/ovn-northd.c b/ovn/northd/ovn-northd.c
@@ -2844,13 +2844,15 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports,
     }
 
     /* Ingress table 10: ARP/ND responder, skip requests coming from localnet
-     * ports. (priority 100). */
+     * and vtep ports. (priority 100); see ovn-northd.8.xml for the
+     * rationale. */
     HMAP_FOR_EACH (op, key_node, ports) {
         if (!op->nbsp) {
             continue;
         }
 
-        if (!strcmp(op->nbsp->type, "localnet")) {
+        if ((!strcmp(op->nbsp->type, "localnet")) ||
+            (!strcmp(op->nbsp->type, "vtep"))) {
             ds_clear(&match);
             ds_put_format(&match, "inport == %s", op->json_key);
             ovn_lflow_add(lflows, op->od, S_SWITCH_IN_ARP_ND_RSP, 100,