yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1520013] [NEW] OVS unnecessarily drops rule on setup_arp_protection

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Kevin Benton <1520013@xxxxxxxxxxxxxxxxxx>
Date: Thu, 26 Nov 2015 00:50:03 -0000
Reply-to: Bug 1520013 <1520013@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

in the setup_arp_protection call of OVS, the first step is always to
remove all of the rules for that port. However, in the majority of the
cases, the jump rule will be added right back in so this is a waste of
resources.

The linux bridge ARP spoofing only clears the rules if ARP spoofing
protection needs to be removed.

https://github.com/openstack/neutron/blob/66eced001404064442f27f2fff28d5c4f2e18c18/neutron/plugins/ml2/drivers/linuxbridge/agent/arp_protect.py#L32

** Affects: neutron
     Importance: Undecided
     Assignee: Kevin Benton (kevinbenton)
         Status: In Progress

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1520013

Title:
  OVS unnecessarily drops rule on setup_arp_protection

Status in neutron:
  In Progress

Bug description:
  in the setup_arp_protection call of OVS, the first step is always to
  remove all of the rules for that port. However, in the majority of the
  cases, the jump rule will be added right back in so this is a waste of
  resources.

  The linux bridge ARP spoofing only clears the rules if ARP spoofing
  protection needs to be removed.

  https://github.com/openstack/neutron/blob/66eced001404064442f27f2fff28d5c4f2e18c18/neutron/plugins/ml2/drivers/linuxbridge/agent/arp_protect.py#L32

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1520013/+subscriptions

Follow ups

[Bug 1520013] Re: OVS unnecessarily drops rule on setup_arp_protection
From: Doug Hellmann, 2015-12-04