[ovs-dev] [PATCH 1/3] ovn-northd: Don't deliver even broadcast packets to disabled logical ports.
Justin Pettit
jpettit at nicira.com
Fri Sep 11 19:49:13 UTC 2015
> On Sep 11, 2015, at 11:36 AM, Ben Pfaff <blp at nicira.com> wrote:
>
> Until now, the priority-100 flow for broadcast and multicast packets caused
> such packets to be delivered to disabled logical ports. This commit makes
> ovn-northd add a priority-150 flow for each disabled logical port to
> override that behavior.
>
> Found by inspection.
>
> Signed-off-by: Ben Pfaff <blp at nicira.com>
> ---
> ovn/northd/ovn-northd.c | 22 ++++++++++++++--------
> 1 file changed, 14 insertions(+), 8 deletions(-)
>
> diff --git a/ovn/northd/ovn-northd.c b/ovn/northd/ovn-northd.c
> index 253ee59..a6572df 100644
> --- a/ovn/northd/ovn-northd.c
> +++ b/ovn/northd/ovn-northd.c
> @@ -863,20 +863,26 @@ build_lflows(struct northd_context *ctx, struct hmap *datapaths,
> "output;");
> }
>
> - /* Egress table 1: Egress port security (priority 50). */
> + /* Egress table 1: Egress port security (priority 50).
> + *
> + * Also, priority 150 rules for disabled logical ports so that they don't
> + * even receive multicast or broadcast packets. */
It seems like it might be clearer in the title to indicate both priorities being set. Then, in the comment describe both types of flows. Not a big deal, though.
Acked-by: Justin Pettit <jpettit at nicira.com>
--Justin
More information about the dev
mailing list