build/init.common: prevent arp responses on the wrong nic.

Having multiple NICs in the same segment that are going to be bonded is a common scenario in modern datacenters. The kernel should not respond to arp requests for ip addresses that are not for the specific NIC it arrives on. This patch prevents dhclient from dropping its ip address while renewing its dhcp lease. Closes redhat-cip#237
gerhardqux · Apr 14, 2015 · 1220f8d · 1220f8d
1 parent 3af94b5
commit 1220f8d
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/build/init.common b/build/init.common
@@ -567,6 +567,11 @@ while true; do
                 ip link add link ${iface} name ${vlan_iface} type vlan id ${vlan}
                 iface=${vlan_iface}
             fi
+
+            # Prevent arp-flux: Do not respond to ARP requests that
+            # are not for this specific interface
+            sysctl net.ipv4.conf.$iface.arp_filter=1
+
             case "$config" in
                 "dhcp")
                     DHCP_IFACES_COUNT=$(($DHCP_IFACES_COUNT + 1))