[NETVIRT-1073] Reponse packet to Broadcast/Multicast requests are dropped in conntrack Created: 31/Jan/18 Updated: 04/Oct/18 Resolved: 04/Oct/18 |
|
| Status: | Resolved |
| Project: | netvirt |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Medium |
| Reporter: | Bertrand Low | Assignee: | Unassigned |
| Resolution: | Cannot Reproduce | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Description |
|
Consider the following scenario: 1) VM1 sends broadcast ping to 255.255.255.255 2) Conntrack tracks this session between VM1 IP and 255.255.255.255 3) Reply from VM2 will be from VM2 IP and not from 255.255.255.255, thus, conntrack treats this as an invalid response The above is the same for the multicast case; multicast replies are dropped by conntrack. Though the above behaviour has been currently implemented by design, it does not allow for usage where the reply packets are actually desired. |