[ovs-discuss] Residual IP/ARP entry after a VM is powered off -> OVS passing unwanted pkts

Ben Pfaff blp at nicira.com
Thu Sep 2 22:25:10 UTC 2010

On Thu, Sep 02, 2010 at 06:38:52PM -0300, Luiz Henrique Ozaki wrote:
> Some MAC in switch A is communicating with a MAC in switch B, when MAC at
> switch B is shutdown, the switch will send those packets to all ports in
> switch B and if the switch C is connected to switch B, the packets will go
> through all ports in C too and switch D is connected to C, D to E =
> broadcast to all switches! When a port is disconnected, the switch knows
> that the port state changed and makes the MAC address entry go incomplete
> for that MAC and no packets are sent, maybe an arp request but not the
> packet broadcast.

The switch will indeed start broadcasting all packets to an unlearned
MAC.  If the sender spews them out at an uncontrolled rate, then you
will waste a lot of bandwidth across your entire subnet.  But reasonable
senders will not do that (and TCP/IP is reasonable in this sense).

> As far as I know, the switch has a MAC address table relating MACs to ports
> and those packets are sent only when this relation is valid always or try to
> do so. Seems a primary function since without this a "broadcast of death"
> can be easy to make.
> As you said, I should assume a switch flooding broadcast packets and if the
> switch doesn't have that check, all your network in the same VLAN will crash
> since that packet of death will go all over the switches.

I don't know what you mean by "packet of death" here.  Flooding a
unicast packet across your subnet won't cause hosts any consternation.
They won't even see it unless their NICs are in promiscuous mode.
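
Added example, not part of the original message: a small model of three learning switches in a chain (A - B - C) showing the behaviour discussed above. Once the powered-off VM's MAC is no longer in the tables, a unicast frame to it is flooded to every port, yet only a NIC in promiscuous mode accepts it. The topology, host names and MAC addresses are constructed for illustration, and removing the table entries by hand stands in for MAC aging.

```python
class Host:
    def __init__(self, mac, promiscuous=False):
        self.mac, self.promiscuous = mac, promiscuous
        self.on_wire = self.accepted = 0

    def receive(self, frame, _port):
        self.on_wire += 1                       # frame reached the NIC
        if self.promiscuous or frame["dst"] == self.mac:
            self.accepted += 1                  # NIC passed it up to the host

class Switch:
    def __init__(self):
        self.ports, self.mac_table = {}, {}     # port -> (peer, peer_port); MAC -> port

    def receive(self, frame, in_port):
        self.mac_table[frame["src"]] = in_port  # learn the source MAC
        out = self.mac_table.get(frame["dst"])
        if out == in_port:
            return                              # destination is behind the ingress port
        # Learned destination: one port. Unlearned destination: flood the rest.
        targets = [out] if out is not None else [p for p in self.ports if p != in_port]
        for p in targets:
            peer, peer_port = self.ports[p]
            peer.receive(frame, peer_port)

def simulate():
    a, b, c = Switch(), Switch(), Switch()
    names = ["sender", "vm", "b_host", "c_host", "sniffer"]   # constructed hosts
    h = {n: Host(f"02:00:00:00:00:0{i}", promiscuous=(n == "sniffer"))
         for i, n in enumerate(names, 1)}
    a.ports = {1: (h["sender"], None), 9: (b, 8)}
    b.ports = {1: (h["vm"], None), 2: (h["b_host"], None), 8: (a, 9), 9: (c, 8)}
    c.ports = {1: (h["c_host"], None), 2: (h["sniffer"], None), 8: (b, 9)}
    to_vm = {"src": h["sender"].mac, "dst": h["vm"].mac}
    a.receive(to_vm, 1)                                         # first frame is flooded
    b.receive({"src": h["vm"].mac, "dst": h["sender"].mac}, 1)  # reply: A and B learn the VM

    def send_and_count():
        for x in h.values():
            x.on_wire = x.accepted = 0
        a.receive(to_vm, 1)
        return {n: (x.on_wire, x.accepted) for n, x in h.items()}

    learned = send_and_count()                  # VM still up, MAC learned
    del b.ports[1]                              # VM powered off: its port goes away
    for sw in (a, b, c):
        sw.mac_table.pop(h["vm"].mac, None)     # stand-in for the entry aging out
    return learned, send_and_count()

if __name__ == "__main__":
    print(simulate())
```

Each value in the returned dictionaries is `(frames seen on the wire, frames accepted by the NIC)` for that host.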

