yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #56577
[Bug 1623849] [NEW] openvswitch native agent, ARP responder response has wrong Eth headers
Public bug reported:
The ovs-ofctl ARP responder implementation (install_arp_responder) sets
the correct src/dst MAC addresses in the Ethernet header:
https://github.com/openstack/neutron/blob/master/neutron/plugins/ml2/drivers/openvswitch/agent/openflow/ovs_ofctl/br_tun.py#L197
https://github.com/openstack/neutron/blob/master/neutron/plugins/ml2/drivers/openvswitch/agent/common/constants.py#L110
--> 'move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],mod_dl_src:%(mac)s,'
*However* the native Openflow/ryu install_arp_responder implementation
does not set these src/dst fields of the Ethernet header:
https://github.com/openstack/neutron/blob/master/neutron/plugins/ml2/drivers/openvswitch/agent/openflow/native/br_tun.py#L223
The result is that the forged ARP response is incorrect arp_responder=True and of_interface=native:
09:59:47.162196 fa:16:3e:ea:2e:9a > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.10.1 tell 192.168.10.5, length 28
09:59:47.162426 fa:16:3e:ea:2e:9a > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Reply 192.168.10.1 is-at fa:16:5e:47:33:64, length 28
** Affects: neutron
Importance: Undecided
Status: New
** Tags: ovs
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1623849
Title:
openvswitch native agent, ARP responder response has wrong Eth headers
Status in neutron:
New
Bug description:
The ovs-ofctl ARP responder implementation (install_arp_responder)
sets the correct src/dst MAC addresses in the Ethernet header:
https://github.com/openstack/neutron/blob/master/neutron/plugins/ml2/drivers/openvswitch/agent/openflow/ovs_ofctl/br_tun.py#L197
https://github.com/openstack/neutron/blob/master/neutron/plugins/ml2/drivers/openvswitch/agent/common/constants.py#L110
--> 'move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],mod_dl_src:%(mac)s,'
*However* the native Openflow/ryu install_arp_responder implementation
does not set these src/dst fields of the Ethernet header:
https://github.com/openstack/neutron/blob/master/neutron/plugins/ml2/drivers/openvswitch/agent/openflow/native/br_tun.py#L223
The result is that the forged ARP response is incorrect arp_responder=True and of_interface=native:
09:59:47.162196 fa:16:3e:ea:2e:9a > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.10.1 tell 192.168.10.5, length 28
09:59:47.162426 fa:16:3e:ea:2e:9a > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Reply 192.168.10.1 is-at fa:16:5e:47:33:64, length 28
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1623849/+subscriptions
Follow ups
