On Wed, Jun 8, 2016 at 5:51 PM, Flavio Fernandes <fla...@flaviof.com> wrote:
> Responding to icmp queries where the L3 destination is a directed broadcast > was not being properly handled, causing the reply to be sent to all logical > ports except for the one port that should receive it. > > Reference to the mailing list thread: > http://openvswitch.org/pipermail/discuss/2016-June/021619.html > > This is a proposal for using choice C in the mail discussion; where > handling > of icmp queries to broadcast is performed by a separate logical rule. > Unit test has been augmented to exercise this scenario. > > Note that since broadcast is contained to node where ovn-controller is > running, > there may be no real concern for a potential DOS attack scenario. > > Signed-off-by: Flavio Fernandes <fla...@flaviof.com> > --- > Update: While testing this change, I noticed that the action eth_dst is not affecting dl_dst. So, assuming option 'c' is the way to go, there is still some more teaking to do here! https://gist.github.com/4e2a080248bbde35ebbc2de956c4a194 _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
