On May 21, 2012, at 5:11 AM, faicker mo wrote:
>
> On 2012-5-20, at 上午12:27, Sergio Kviato wrote:
>
>>
>>
>> Sent from my iPhone
>>
>> On May 19, 2012, at 19:02, faicker mo wrote:
>>
>>>
>>> On 2012-5-19, at 下午11:11, Ben Pfaff wrote:
>>>
On Sat, May 19, 2012 at 09:30:40PM +0800, fai
On 2012-5-20, at 上午12:27, Sergio Kviato wrote:
>
>
> Sent from my iPhone
>
> On May 19, 2012, at 19:02, faicker mo wrote:
>
>>
>> On 2012-5-19, at 下午11:11, Ben Pfaff wrote:
>>
>>> On Sat, May 19, 2012 at 09:30:40PM +0800, faicker mo wrote:
I have viewed the ovs-ofctl man page, I found
Sent from my iPhone
On May 19, 2012, at 19:02, faicker mo wrote:
>
> On 2012-5-19, at 下午11:11, Ben Pfaff wrote:
>
>> On Sat, May 19, 2012 at 09:30:40PM +0800, faicker mo wrote:
>>> I have viewed the ovs-ofctl man page, I found that the arp match has
>>> only arp_sha and arp_dha. It can't mat
On 2012-5-19, at 下午11:11, Ben Pfaff wrote:
> On Sat, May 19, 2012 at 09:30:40PM +0800, faicker mo wrote:
>> I have viewed the ovs-ofctl man page, I found that the arp match has
>> only arp_sha and arp_dha. It can't match the source ip in arp(SPA) and
>> destination ip(DPA) in arp. Without this, t
On Sat, May 19, 2012 at 09:30:40PM +0800, faicker mo wrote:
> I have viewed the ovs-ofctl man page, I found that the arp match has
> only arp_sha and arp_dha. It can't match the source ip in arp(SPA) and
> destination ip(DPA) in arp. Without this, the arp spoofing can't be
> prevented.
Use nw_src
I have viewed the ovs-ofctl man page, I found that the arp match has only
arp_sha and arp_dha. It can't match the source ip in arp(SPA) and destination
ip(DPA) in arp. Without this, the arp spoofing can't be prevented.
OVS replaces the bridge default in kernel. Ebtables can't work. But no
