Hi, Environment: - Centos 7.3 , kernel 3.10 (!) - devstack mid Jan 2017 master - kuryr-libnetworks - NOT using opensvswitch firewall as shown e.g. in https://github.com/openstack/kuryr-libnetwork#how-to-try-out-nested-containers-locally because Linux kernel 3.10 doesn't support it, so Linux bridge is used instead!
Question: Must I use Openvswitch firewall instead of linux bridge for proper operation of trunk bridge ? ======== The phenomenon: =============== When ARP from ContainerA to containerB, both are netsed within a VM, the ping fails: - ARP request (broadcast) succeeds to pass via the Linux bridge to the OVS and back to the VM via the Linux bridge. - ARP reply (unicast) succeeds to pass via the Linux bridge to the OVS (it learned the MAC from the request coming back from the OVS). - this ARP reply is not forwarded by the Linux bridge to the VM ! Note that it learned this MAC from the OVS side (although with a different Vlan). I suspect: ======== The Linux bridge works in SVL mode (Shared-Vlan-Learning). Thanks in advance Gideon _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : [email protected] Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
