[ovs-discuss] ovs gratuitous arp (grARP) and duplicated IP

Roman Dodin dodin.roman at gmail.com
Mon Feb 15 21:07:04 UTC 2021 

Maybe as an interim measure someone can share with me a command that will
allow to filter/drop gratuitous ARP requests egressing from a particular
interface and a particular mac?

On Sun, Feb 14, 2021 at 1:30 PM Roman Dodin <dodin.roman at gmail.com> wrote:

> Hi all,
> I have an issue in my lab setup where I have two containers: container1
> and container2
> Container1 has OVS installed inside and a qemu VM which is connected with
> its tap1 interface to the OVS bridge named *vr-ovs-tap1*
> To the same *vr-ovs-tap1* OVS bridge I have container's *eth1* interface
> connected:
>
> [image: image.png]
>
> ovs-vsctl show
> 5f076880-7c79-4e45-8fba-dd0ed58c2002
>     Bridge vr-ovs-tap1
>         datapath_type: netdev
>         Port vr-ovs-tap1
>             Interface vr-ovs-tap1
>                 type: internal
>         Port eth1
>             Interface eth1
>         Port tap1
>             Interface tap1
>     ovs_version: "2.13.1"
>
> The problem starts when I configure IP address in container2, let's say I
> add 192.168.1.1/24 IP address on interface *eth1 *of container2.
> Container2 sends broadcast ARPs to ensure that this address is available.
>
> 11 76.741180 EquipTra_ff:00:00 Broadcast ARP 60 Who has 192.168.1.1? (ARP
> Probe)
>
> Then it sends ARP announcement
> 12 78.740426 EquipTra_ff:00:00 Broadcast ARP 60 ARP Announcement for
> 192.168.1.1
>
> And right after that announcement, OVS replies with grARP for the same IP,
> which makes it a duplicate
>
> 13 78.804164 fa:c2:db:b4:bc:49 EquipTra_ff:00:00 ARP 42 Gratuitous ARP for
> 192.168.1.1 (Reply) (duplicate use of 192.168.1.1 detected!)
>
> MAC fa:c2:db:b4:bc:49 belongs to OVS bridge:
>
> 6: vr-ovs-tap1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc
> fq_codel state UNKNOWN mode DEFAULT group default qlen 1000
>     link/ether fa:c2:db:b4:bc:49 brd ff:ff:ff:ff:ff:ff
>
> What is the proper way to fix this behaviour that leads to duplicate IP
> addresses?
>
> Attaching the pcap for completeness
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20210215/bc1bf464/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 159875 bytes
Desc: not available
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20210215/bc1bf464/attachment-0001.png>

More information about the discuss mailing list