All of lore.kernel.org
 help / color / mirror / Atom feed
* Fw: [Bug 198521] New: VRF: VRF device does not egress all broadcast(255.255.255.255) destined packet
@ 2018-01-19 16:17 Stephen Hemminger
  0 siblings, 0 replies; only message in thread
From: Stephen Hemminger @ 2018-01-19 16:17 UTC (permalink / raw)
  To: David Ahern; +Cc: netdev



Begin forwarded message:

Date: Fri, 19 Jan 2018 12:59:23 +0000
From: bugzilla-daemon@bugzilla.kernel.org
To: stephen@networkplumber.org
Subject: [Bug 198521] New: VRF: VRF device does not egress all broadcast(255.255.255.255) destined packet


https://bugzilla.kernel.org/show_bug.cgi?id=198521

            Bug ID: 198521
           Summary: VRF: VRF device does not egress all
                    broadcast(255.255.255.255) destined packet
           Product: Networking
           Version: 2.5
    Kernel Version: Linux version 4.9.71
          Hardware: All
                OS: Linux
              Tree: Mainline
            Status: NEW
          Severity: blocking
          Priority: P1
         Component: IPV4
          Assignee: stephen@networkplumber.org
          Reporter: sukumarg1973@gmail.com
        Regression: No

CONFIGURATION AND PACKET FLOW:
==============================

1) Created VRF device(VRF_258) and enslaved network device(v2_F4252) to this
VRF.

/exos/bin # ip link show vrf_258
13: vrf_258: <NOARP,MASTER,UP,LOWER_UP> mtu 65536 qdisc noqueue state UP mode
DEFAULT group default qlen 1000
    link/ether 00:04:96:9a:b4:f7 brd ff:ff:ff:ff:ff:ff


/exos/bin # ip link show v2_F4252
150: v2_F4252: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master
vrf_258 state UNKNOWN mode DEFAULT group default qlen 1
    link/ether 00:04:96:9a:b4:f7 brd ff:ff:ff:ff:ff:ff

/exos/bin # ifconfig -a v2_F4252
v2_F4252  Link encap:Ethernet  HWaddr 00:04:96:9A:B4:F7  
          inet addr:20.20.20.10  Bcast:20.20.20.255  Mask:255.255.255.0
          inet6 addr: 2001::1/64 Scope:Global
          inet6 addr: fe80::204:96ff:fe9a:b4f7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:44 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1 
          RX bytes:12628 (12.3 KiB)  TX bytes:1184 (1.1 KiB)

/exos/bin # ifconfig -a vrf_258
vrf_258   Link encap:Ethernet  HWaddr 00:04:96:9A:B4:F7  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP RUNNING NOARP MASTER  MTU:65536  Metric:1
          RX packets:96 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:28368 (27.7 KiB)  TX bytes:14592 (14.2 KiB)


/exos/bin # ip route show  table 258
default via 20.20.20.1 dev v2_F4252 proto gated metric 10 
unreachable default metric 8192 
broadcast 20.20.20.0 dev v2_F4252 proto kernel scope link src 20.20.20.10 
20.20.20.0/24 dev v2_F4252 proto kernel scope link src 20.20.20.10 
local 20.20.20.10 dev v2_F4252 proto kernel scope host src 20.20.20.10 
broadcast 20.20.20.255 dev v2_F4252 proto kernel scope link src 20.20.20.10 
local 90.90.90.10 dev v9_F4254 proto kernel scope host src 90.90.90.10 
broadcast 127.0.0.0 dev vrf_258 proto kernel scope link src 127.0.0.1 
127.0.0.0/8 dev vrf_258 proto kernel scope link src 127.0.0.1 
local 127.0.0.1 dev vrf_258 proto kernel scope host src 127.0.0.1 
broadcast 127.255.255.255 dev vrf_258 proto kernel scope link src 127.0.0.1 


2) Opened UDP socket SO_BINDTODEVICE to VRF_258 device, enabled SO_BROADCAST
setsockoption.
Transmitting UDP packet with SrcIP = 20.20.20.10 and DstIP=255.255.255.255 on
v2_F4252 mentioned in pktinfo cmsg header

3) udp_sendmsg() receives the packet then packet given to VRF processing. 
vrf_ip_out() function divert only mulicast packet but broadcast has not been
diverted so VRF device started processing
the broadcast packet destined to 255.255.255.255.

4) vrf_ip_out() function  gets vrf->rth dst entry and invokes vrf_output().

5) finally packet enters vrf_process_v4_outbound() function. Here route lookup
is performed
    ip_route_output_flow() for this flow on VRF_258.
    Lookup returned 
          routes rt->rt_gateway = 0, 
          rt_type = 3(BROADCAST), 
          rt->rt_flags= 90000000(BROADCAST and LOCAL), 
          rt->dst.dev = VRF_258

    Instead of packet egressing, below check ( rt->dst.dev == vrf_dev) forcing
the packet to Rx path so packet got
    looped back and not egressing.
    if (rt->dst.dev == net->loopback_dev || rt->dst.dev == vrf_dev ) {
    }


Workaround:
===========

 1) is 255.255.255.255 routeable address ? if not, then packet should not be
given to VRF processing
 2) This packet also to be diverted similar to broadcast packet. following
patch solved the issue

   static struct sk_buff *vrf_ip_out(struct net_device *vrf_dev, struct
        sock *sk, struct sk_buff *skb) {

        /* don’t divert multicast */
        if (ipv4_is_multicast(ip_hdr(skb)->daddr))
        return skb;

        /* MY PATCH BEGIN */
        /* don’t divert broadcast */
        if (ipv4_is_lbcast(ip_hdr(skb)->daddr))
         return skb;
        /* MY PATCH END */

-- 
You are receiving this mail because:
You are the assignee for the bug.

^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2018-01-19 18:40 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-01-19 16:17 Fw: [Bug 198521] New: VRF: VRF device does not egress all broadcast(255.255.255.255) destined packet Stephen Hemminger

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.