[ovs-discuss] [Bug #1378] xenserver: Enable ARP filtering to work around xhad bug.

Ben Pfaff blp at nicira.com
Tue Jul 28 22:25:50 UTC 2009


This works around a bug in xhad, which binds to a particular Ethernet
device, which in turn causes ICMP port unreachable messages if packets are
received are on the wrong interface, which in turn can happen if we send
out ARP replies on every interface (as Linux does by default) instead of
just on the interface that has the IP address being ARPed for, which this
sysctl setting in turn works around.

Justin Pettit did most of the work tracking down the origin of this bug.

Bug #1378.
---
 xenserver/vswitch-xen.spec |   15 +++++++++++++++
 1 files changed, 15 insertions(+), 0 deletions(-)

diff --git a/xenserver/vswitch-xen.spec b/xenserver/vswitch-xen.spec
index 373bfb2..3e3920e 100644
--- a/xenserver/vswitch-xen.spec
+++ b/xenserver/vswitch-xen.spec
@@ -168,6 +168,21 @@ fi
 %post
 source /etc/xensource-inventory
 
+if grep -F net.ipv4.conf.all.arp_filter >/dev/null 2>&1; then :; else
+    cat >>/etc/sysctl.conf <<EOF
+# This is a workaround for a bug in xhad, which binds to a particular
+# Ethernet device, which in turn causes ICMP port unreachable messages
+# if packets are received are on the wrong interface, which in turn
+# can happen if we send out ARP replies on every interface (as Linux
+# does by default) instead of just on the interface that has the IP
+# address being ARPed for, which this sysctl setting in turn works
+# around.
+#
+# Bug #1378.
+net.ipv4.conf.all.arp_filter = 1
+EOF
+fi
+
 xe host-param-set \
     "other-config:vSwitchVersion=%{version}" uuid="$INSTALLATION_UUID" ||
     echo "Could not set vSwitchVersion config parameter"
-- 
1.6.3.3





More information about the discuss mailing list