Fix openvswitch anti-spoofing rules for Stein internal vlan changes.
Somewhere in Stein, the internal openvswitch vlan tagging changed, so that even though vlan tags are applied in br-int for packets coming from br-ex, it is now br-ex's job to strip in the reverse direction. So for > Stein, just add strip_vlan for these ARP reply rules. We only want to have them apply on traffic coming from br-int, but it's not obvious how to force a particular internal vlan assignment. The only thing we could do is scrape the one assigned by openswitch-agent by looking at its db, or at the br-int flow rules. But for now we don't have to care; any public ARP replies will need tags stripped since we don't support control net (br-ex) vlans right now.
Showing with 15 additions and 1 deletion