[DVR] Block ARP to dvr router's port instead of subnet's gateway
It may happen that subnet is connected to dvr router using IP address different than subnet's gateway_ip. So in br-tun arp to dvr router's port should be dropped instead of dropping arp to subnet's gateway_ip (or mac in case of IPv6). Change-Id: Ida6b7ae53f3fc76f54e389c5f7131b5a66f533ce Closes-bug: #1831575
This commit is contained in:
parent
8c774d3f1d
commit
ae3aa28f5a
@ -416,12 +416,11 @@ class OVSDVRNeutronAgent(object):
|
||||
# TODO(vivek) remove the IPv6 related flows once SNAT is not
|
||||
# used for IPv6 DVR.
|
||||
if ip_version == 4:
|
||||
if subnet_info['gateway_ip']:
|
||||
br.install_dvr_process_ipv4(
|
||||
vlan_tag=lvm.vlan, gateway_ip=subnet_info['gateway_ip'])
|
||||
vlan_tag=lvm.vlan, gateway_ip=fixed_ip['ip_address'])
|
||||
else:
|
||||
br.install_dvr_process_ipv6(
|
||||
vlan_tag=lvm.vlan, gateway_mac=subnet_info['gateway_mac'])
|
||||
vlan_tag=lvm.vlan, gateway_mac=port.vif_mac)
|
||||
br.install_dvr_process(
|
||||
vlan_tag=lvm.vlan, vif_mac=port.vif_mac,
|
||||
dvr_mac_address=self.dvr_mac_address)
|
||||
|
@ -2856,7 +2856,7 @@ class TestOvsDvrNeutronAgent(object):
|
||||
return resp
|
||||
|
||||
def _expected_install_dvr_process(self, lvid, port, ip_version,
|
||||
gateway_ip, gateway_mac):
|
||||
gateway_ip):
|
||||
if ip_version == n_const.IP_VERSION_4:
|
||||
ipvx_calls = [
|
||||
mock.call.install_dvr_process_ipv4(
|
||||
@ -2867,7 +2867,7 @@ class TestOvsDvrNeutronAgent(object):
|
||||
ipvx_calls = [
|
||||
mock.call.install_dvr_process_ipv6(
|
||||
vlan_tag=lvid,
|
||||
gateway_mac=gateway_mac),
|
||||
gateway_mac=port.vif_mac),
|
||||
]
|
||||
return ipvx_calls + [
|
||||
mock.call.install_dvr_process(
|
||||
@ -2881,12 +2881,13 @@ class TestOvsDvrNeutronAgent(object):
|
||||
self, device_owner, ip_version=n_const.IP_VERSION_4):
|
||||
self._setup_for_dvr_test()
|
||||
if ip_version == n_const.IP_VERSION_4:
|
||||
gateway_ip = '1.1.1.1'
|
||||
gateway_ip = '1.1.1.10'
|
||||
cidr = '1.1.1.0/24'
|
||||
else:
|
||||
gateway_ip = '2001:100::1'
|
||||
cidr = '2001:100::0/64'
|
||||
self._port.vif_mac = gateway_mac = 'aa:bb:cc:11:22:33'
|
||||
self._port.vif_mac = 'aa:bb:cc:11:22:33'
|
||||
gateway_mac = 'aa:bb:cc:66:66:66'
|
||||
self._compute_port.vif_mac = '77:88:99:00:11:22'
|
||||
physical_network = self._physical_network
|
||||
segmentation_id = self._segmentation_id
|
||||
@ -2934,8 +2935,7 @@ class TestOvsDvrNeutronAgent(object):
|
||||
port=self._port,
|
||||
lvid=lvid,
|
||||
ip_version=ip_version,
|
||||
gateway_ip=gateway_ip,
|
||||
gateway_mac=gateway_mac)
|
||||
gateway_ip=self._fixed_ips[0]['ip_address'])
|
||||
expected_on_int_br = [
|
||||
mock.call.provision_local_vlan(
|
||||
port=int_ofp,
|
||||
@ -3023,8 +3023,7 @@ class TestOvsDvrNeutronAgent(object):
|
||||
port=self._port,
|
||||
lvid=lvid,
|
||||
ip_version=ip_version,
|
||||
gateway_ip=gateway_ip,
|
||||
gateway_mac=gateway_mac)
|
||||
gateway_ip=gateway_ip)
|
||||
self.assertEqual(expected_on_int_br, int_br.mock_calls)
|
||||
self.assertEqual(expected_on_tun_br, tun_br.mock_calls)
|
||||
self.assertEqual([], phys_br.mock_calls)
|
||||
@ -3285,8 +3284,7 @@ class TestOvsDvrNeutronAgent(object):
|
||||
port=self._port,
|
||||
lvid=lvid,
|
||||
ip_version=ip_version,
|
||||
gateway_ip=gateway_ip,
|
||||
gateway_mac=gateway_mac)
|
||||
gateway_ip=gateway_ip)
|
||||
self.assertEqual(expected_on_tun_br, tun_br.mock_calls)
|
||||
|
||||
int_br.reset_mock()
|
||||
@ -3390,8 +3388,7 @@ class TestOvsDvrNeutronAgent(object):
|
||||
port=self._port,
|
||||
lvid=lvid,
|
||||
ip_version=ip_version,
|
||||
gateway_ip=gateway_ip,
|
||||
gateway_mac=gateway_mac)
|
||||
gateway_ip=gateway_ip)
|
||||
self.assertEqual(expected_on_tun_br, tun_br.mock_calls)
|
||||
int_br.reset_mock()
|
||||
tun_br.reset_mock()
|
||||
|
Loading…
x
Reference in New Issue
Block a user