[DVR] Block ARP to dvr router's port instead of subnet's gateway
It may happen that subnet is connected to dvr router using IP address different than subnet's gateway_ip. So in br-tun arp to dvr router's port should be dropped instead of dropping arp to subnet's gateway_ip (or mac in case of IPv6). Change-Id: Ida6b7ae53f3fc76f54e389c5f7131b5a66f533ce Closes-bug: #1831575
This commit is contained in:
parent
8c774d3f1d
commit
ae3aa28f5a
|
@ -416,12 +416,11 @@ class OVSDVRNeutronAgent(object):
|
||||||
# TODO(vivek) remove the IPv6 related flows once SNAT is not
|
# TODO(vivek) remove the IPv6 related flows once SNAT is not
|
||||||
# used for IPv6 DVR.
|
# used for IPv6 DVR.
|
||||||
if ip_version == 4:
|
if ip_version == 4:
|
||||||
if subnet_info['gateway_ip']:
|
br.install_dvr_process_ipv4(
|
||||||
br.install_dvr_process_ipv4(
|
vlan_tag=lvm.vlan, gateway_ip=fixed_ip['ip_address'])
|
||||||
vlan_tag=lvm.vlan, gateway_ip=subnet_info['gateway_ip'])
|
|
||||||
else:
|
else:
|
||||||
br.install_dvr_process_ipv6(
|
br.install_dvr_process_ipv6(
|
||||||
vlan_tag=lvm.vlan, gateway_mac=subnet_info['gateway_mac'])
|
vlan_tag=lvm.vlan, gateway_mac=port.vif_mac)
|
||||||
br.install_dvr_process(
|
br.install_dvr_process(
|
||||||
vlan_tag=lvm.vlan, vif_mac=port.vif_mac,
|
vlan_tag=lvm.vlan, vif_mac=port.vif_mac,
|
||||||
dvr_mac_address=self.dvr_mac_address)
|
dvr_mac_address=self.dvr_mac_address)
|
||||||
|
|
|
@ -2856,7 +2856,7 @@ class TestOvsDvrNeutronAgent(object):
|
||||||
return resp
|
return resp
|
||||||
|
|
||||||
def _expected_install_dvr_process(self, lvid, port, ip_version,
|
def _expected_install_dvr_process(self, lvid, port, ip_version,
|
||||||
gateway_ip, gateway_mac):
|
gateway_ip):
|
||||||
if ip_version == n_const.IP_VERSION_4:
|
if ip_version == n_const.IP_VERSION_4:
|
||||||
ipvx_calls = [
|
ipvx_calls = [
|
||||||
mock.call.install_dvr_process_ipv4(
|
mock.call.install_dvr_process_ipv4(
|
||||||
|
@ -2867,7 +2867,7 @@ class TestOvsDvrNeutronAgent(object):
|
||||||
ipvx_calls = [
|
ipvx_calls = [
|
||||||
mock.call.install_dvr_process_ipv6(
|
mock.call.install_dvr_process_ipv6(
|
||||||
vlan_tag=lvid,
|
vlan_tag=lvid,
|
||||||
gateway_mac=gateway_mac),
|
gateway_mac=port.vif_mac),
|
||||||
]
|
]
|
||||||
return ipvx_calls + [
|
return ipvx_calls + [
|
||||||
mock.call.install_dvr_process(
|
mock.call.install_dvr_process(
|
||||||
|
@ -2881,12 +2881,13 @@ class TestOvsDvrNeutronAgent(object):
|
||||||
self, device_owner, ip_version=n_const.IP_VERSION_4):
|
self, device_owner, ip_version=n_const.IP_VERSION_4):
|
||||||
self._setup_for_dvr_test()
|
self._setup_for_dvr_test()
|
||||||
if ip_version == n_const.IP_VERSION_4:
|
if ip_version == n_const.IP_VERSION_4:
|
||||||
gateway_ip = '1.1.1.1'
|
gateway_ip = '1.1.1.10'
|
||||||
cidr = '1.1.1.0/24'
|
cidr = '1.1.1.0/24'
|
||||||
else:
|
else:
|
||||||
gateway_ip = '2001:100::1'
|
gateway_ip = '2001:100::1'
|
||||||
cidr = '2001:100::0/64'
|
cidr = '2001:100::0/64'
|
||||||
self._port.vif_mac = gateway_mac = 'aa:bb:cc:11:22:33'
|
self._port.vif_mac = 'aa:bb:cc:11:22:33'
|
||||||
|
gateway_mac = 'aa:bb:cc:66:66:66'
|
||||||
self._compute_port.vif_mac = '77:88:99:00:11:22'
|
self._compute_port.vif_mac = '77:88:99:00:11:22'
|
||||||
physical_network = self._physical_network
|
physical_network = self._physical_network
|
||||||
segmentation_id = self._segmentation_id
|
segmentation_id = self._segmentation_id
|
||||||
|
@ -2934,8 +2935,7 @@ class TestOvsDvrNeutronAgent(object):
|
||||||
port=self._port,
|
port=self._port,
|
||||||
lvid=lvid,
|
lvid=lvid,
|
||||||
ip_version=ip_version,
|
ip_version=ip_version,
|
||||||
gateway_ip=gateway_ip,
|
gateway_ip=self._fixed_ips[0]['ip_address'])
|
||||||
gateway_mac=gateway_mac)
|
|
||||||
expected_on_int_br = [
|
expected_on_int_br = [
|
||||||
mock.call.provision_local_vlan(
|
mock.call.provision_local_vlan(
|
||||||
port=int_ofp,
|
port=int_ofp,
|
||||||
|
@ -3023,8 +3023,7 @@ class TestOvsDvrNeutronAgent(object):
|
||||||
port=self._port,
|
port=self._port,
|
||||||
lvid=lvid,
|
lvid=lvid,
|
||||||
ip_version=ip_version,
|
ip_version=ip_version,
|
||||||
gateway_ip=gateway_ip,
|
gateway_ip=gateway_ip)
|
||||||
gateway_mac=gateway_mac)
|
|
||||||
self.assertEqual(expected_on_int_br, int_br.mock_calls)
|
self.assertEqual(expected_on_int_br, int_br.mock_calls)
|
||||||
self.assertEqual(expected_on_tun_br, tun_br.mock_calls)
|
self.assertEqual(expected_on_tun_br, tun_br.mock_calls)
|
||||||
self.assertEqual([], phys_br.mock_calls)
|
self.assertEqual([], phys_br.mock_calls)
|
||||||
|
@ -3285,8 +3284,7 @@ class TestOvsDvrNeutronAgent(object):
|
||||||
port=self._port,
|
port=self._port,
|
||||||
lvid=lvid,
|
lvid=lvid,
|
||||||
ip_version=ip_version,
|
ip_version=ip_version,
|
||||||
gateway_ip=gateway_ip,
|
gateway_ip=gateway_ip)
|
||||||
gateway_mac=gateway_mac)
|
|
||||||
self.assertEqual(expected_on_tun_br, tun_br.mock_calls)
|
self.assertEqual(expected_on_tun_br, tun_br.mock_calls)
|
||||||
|
|
||||||
int_br.reset_mock()
|
int_br.reset_mock()
|
||||||
|
@ -3390,8 +3388,7 @@ class TestOvsDvrNeutronAgent(object):
|
||||||
port=self._port,
|
port=self._port,
|
||||||
lvid=lvid,
|
lvid=lvid,
|
||||||
ip_version=ip_version,
|
ip_version=ip_version,
|
||||||
gateway_ip=gateway_ip,
|
gateway_ip=gateway_ip)
|
||||||
gateway_mac=gateway_mac)
|
|
||||||
self.assertEqual(expected_on_tun_br, tun_br.mock_calls)
|
self.assertEqual(expected_on_tun_br, tun_br.mock_calls)
|
||||||
int_br.reset_mock()
|
int_br.reset_mock()
|
||||||
tun_br.reset_mock()
|
tun_br.reset_mock()
|
||||||
|
|
Loading…
Reference in New Issue