Comment 16 for bug 1866445

@Li Yajie, please check if L3 flood you're saying is still there after applied Darragh O'Reilly (darragh-oreilly) https://review.opendev.org/714726.Per my understanding, both of them are L2 flood because ovs bridge acts as a switch but not router. You can use "ovs-appctl dpif/dump-flows br-int" to double confirm what you're saying "other VM can grab packets".

Per my check, Liu Yulong's fix patch plus my fix patch for iptables_hybrid won't have L2 flood and L3 flood you're saying. So now we have at least 3 proposed ways to fix it, which one is better? Welcome comments.