fix: set opinionated arp_ignore in base image

Some Linux distributions set this to 2 or higher, which will break
kindnet (specifically the ptp plugin). We now set this in our base
image in an opinionated way so that the host system no longer
decides the value as it might inadvertantly break kind networking.

Signed-off-by: Shane Utt <shaneutt@linux.com>

images/base/files/etc/sysctl.d/10-network-magic.conf

@@ -9,3 +9,17 @@
 # Kubernetes mitigates the possible security issue caused by enabling this option.
 # ref: https://nvd.nist.gov/vuln/detail/CVE-2020-8558
 net.ipv4.conf.all.route_localnet=1
+
+# The global kernel parameter net.ipv4.conf.all.arp_ignore governs the
+# conditions under which ARP requests will be accepted or ignored. This global
+# setting will override any individual interface settings. Some host systems
+# might set this global parameter to a more restrictive setting of 2 (or
+# greater). Specifically, in mode 2, the system ignores ARP requests directed to
+# /32 addresses (this is what kindnet assigns to its veth interfaces) because
+# the request originates from a different subnet. This behavior breaks routing
+# for kindnet (specifically the ptp plugin), so we opinionatedly set this to 0
+# when kindnet is in use to ensure proper networking.
+#
+# For more information see:
+# https://www.kernel.org/doc/html/latest/networking/ip-sysctl.html#arp_ignore
+net.ipv4.conf.all.arp_ignore=0