© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
2eb648a
demo site
(Get the code!)
I can confirm now that it is visible now on the victim VM.
To summarize:
- the issue can happen when using ML2/Linuxbridge backend between vms on the same neutron network and on the same compute node. VMs on different compute nodes can't be attacked - is my understanding correct?
- we will need to check if ML2/OVS with iptables_hybrid driver would be affected - I don't think as OVS is tagging packets with some "internal" vlan id in the meantime and strips it later before it comes to the dest vm. But we should check that to be sure.