From: zhaoqingling Date: Sat, 23 Dec 2017 07:20:59 +0000 (+0800) Subject: VPP-1110 BVI reply ARP that doesn't request BVI loacl IP. X-Git-Tag: v18.04-rc1~529 X-Git-Url: https://gerrit.fd.io/r/gitweb?p=vpp.git;a=commitdiff_plain;h=b4c42cdc6bbbf464f3f0034b2b39d4e20fd23a25 VPP-1110 BVI reply ARP that doesn't request BVI loacl IP. Change-Id: I66ae618edaa12c2b4e4afe276da689673b02c9cd Signed-off-by: zhaoqingling --- diff --git a/src/vnet/ethernet/arp.c b/src/vnet/ethernet/arp.c index f46e6f5a5bc..149f0a5dc96 100644 --- a/src/vnet/ethernet/arp.c +++ b/src/vnet/ethernet/arp.c @@ -1123,6 +1123,12 @@ arp_input (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) &arp0->ip4_over_ethernet[0]); goto drop1; } + else if (arp0->opcode == + clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_request) && + (dst_is_local0 == 0)) + { + goto drop1; + } send_reply: /* Send a reply. diff --git a/test/test_neighbor.py b/test/test_neighbor.py index 68dde2fb840..565a8b4442d 100644 --- a/test/test_neighbor.py +++ b/test/test_neighbor.py @@ -641,7 +641,6 @@ class ARPTestCase(VppTestCase): # # 4 - don't respond to ARP requests that has mac source different # from ARP request HW source - # the router # p = (Ether(dst="ff:ff:ff:ff:ff:ff", src=self.pg0.remote_mac) / ARP(op="who-has", @@ -651,6 +650,19 @@ class ARPTestCase(VppTestCase): self.send_and_assert_no_replies(self.pg0, p, "ARP req for non-local source") + # + # 5 - don't respond to ARP requests for address within the + # interface's sub-net but not the interface's address + # + self.pg0.generate_remote_hosts(2) + p = (Ether(dst="ff:ff:ff:ff:ff:ff", src=self.pg0.remote_mac) / + ARP(op="who-has", + hwsrc=self.pg0.remote_mac, + psrc=self.pg0.remote_hosts[0].ip4, + pdst=self.pg0.remote_hosts[1].ip4)) + self.send_and_assert_no_replies(self.pg0, p, + "ARP req for non-local destination") + # # cleanup #