← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1472452] Re: arp spoofing protection flow install failed

 

** Changed in: neutron
       Status: Fix Committed => Fix Released

** Changed in: neutron
    Milestone: None => liberty-3

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1472452

Title:
  arp spoofing protection flow install failed

Status in neutron:
  Fix Released

Bug description:
  Now ovs-agent failed to install arp spoofing protection flow for new VMs, because it will firstly install arp spoofing protection flow in funstion 'treat_devices_added_or_updated':
      def treat_devices_added_or_updated(self, devices, ovs_restarted):
              .....
              .....
              
              if self.prevent_arp_spoofing:
                 self.setup_arp_spoofing_protection(self.int_br, port, details)

  but then in function '_bind_devices', it will clear all flows for this
  new port, so the arp spoofing protection flow is also be clean

      def _bind_devices(self, need_binding_ports):
              .....
              ....
              if cur_tag != lvm.vlan:
                  self.int_br.set_db_attribute(
                      "Port", port.port_name, "tag", lvm.vlan)
                  if port.ofport != -1:
                      # NOTE(yamamoto): Remove possible drop_port flow
                      # installed by port_dead.
                      self.int_br.delete_flows(in_port=port.ofport)

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1472452/+subscriptions


References