Merge "Do not block connection between br-int and br-phys on startup" into stable/rocky

This commit is contained in:
Zuul 2020-07-08 00:30:48 +00:00 committed by Gerrit Code Review
commit 3de25f925b
1 changed files with 10 additions and 3 deletions

View File

@ -1325,9 +1325,16 @@ class OVSNeutronAgent(l2population_rpc.L2populationRpcCallBackTunnelMixin,
self.int_ofports[physical_network] = int_ofport
self.phys_ofports[physical_network] = phys_ofport
# block all untranslated traffic between bridges
self.int_br.drop_port(in_port=int_ofport)
br.drop_port(in_port=phys_ofport)
# following drop operations are not necessary for
# dvr agent setup_dvr_flows. So skip it if dvr enabled
# the reason is for br_int it is duplicate
# for br_physical drop_port is dangerous because when dvr
# enabled the highest flow on table=0 is 2 which means
# basically everything will be dropped until setup_dvr_flows
# got executed.
if not self.enable_distributed_routing:
self.int_br.drop_port(in_port=int_ofport)
br.drop_port(in_port=phys_ofport)
if self.use_veth_interconnection:
# enable veth to pass traffic