sonic-buildimage

matthew/sonic-buildimage

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ying Xie	9efcf1759a	[ebtables] install ebtables in base image and install filter rules (#2805 ) - Add ebtables package, and install some filter rules: 1. ebtables -A FORWARD -d BGA -j DROP 2. ebtables -A FORWARD -p ARP -j DROP Basically, we let the ARP packets in the VLAN being forwarded by the ASIC, kernel gets a copy of these ARP packets and the forwarding from Kenerl gets dropped. So there is always only one copy of ARP/response in the VLAN. Signed-off-by: Ying Xie <ying.xie@microsoft.com>	2019-05-09 09:44:41 -07:00

Author

SHA1

Message

Date

Ying Xie

9efcf1759a

[ebtables] install ebtables in base image and install filter rules (#2805 )

- Add ebtables package, and install some filter rules:
  1. ebtables -A FORWARD -d BGA -j DROP
  2. ebtables -A FORWARD -p ARP -j DROP

Basically, we let the ARP packets in the VLAN being forwarded by the ASIC,
kernel gets a copy of these ARP packets and the forwarding from Kenerl gets
dropped. So there is always only one copy of ARP/response in the VLAN.

Signed-off-by: Ying Xie <ying.xie@microsoft.com>

2019-05-09 09:44:41 -07:00

1 Commits