In the kernel tunnel implementation, if a packet was marked as ECN CE on
the outer packet then we would carry this over to the inner packet on
decapsulation. With the switch to flow based tunneling, this stopped
happening. This commit reintroduces that behavior by using the set IP
header action.
Bug #15072
Signed-off-by: Justin Pettit <jpet...@nicira.com>
---
ofproto/ofproto-dpif.c | 13 ++++++++-----
ofproto/tunnel.c | 1 -
tests/tunnel.at | 4 ++--
3 files changed, 10 insertions(+), 8 deletions(-)
diff --git a/ofproto/ofproto-dpif.c b/ofproto/ofproto-dpif.c
index dbda51f..27ef0b0 100644
--- a/ofproto/ofproto-dpif.c
+++ b/ofproto/ofproto-dpif.c
@@ -6311,11 +6311,14 @@ do_xlate_actions(const struct ofpact *ofpacts, size_t
ofpacts_len,
const struct ofpact *a;
if (is_ip_any(&ctx->base_flow)
- && ((ctx->base_flow.tunnel.ip_tos & IP_ECN_MASK) == IP_ECN_CE)
- && (ctx->base_flow.nw_tos & IP_ECN_MASK) == IP_ECN_NOT_ECT) {
- VLOG_WARN_RL(&rl, "dropping tunnel packet marked ECN CE but is not ECN"
- " capable");
- return;
+ && ((ctx->base_flow.tunnel.ip_tos & IP_ECN_MASK) == IP_ECN_CE)) {
+ if ((ctx->base_flow.nw_tos & IP_ECN_MASK) == IP_ECN_NOT_ECT) {
+ VLOG_WARN_RL(&rl, "dropping tunnel packet marked ECN CE"
+ " but is not ECN capable");
+ return;
+ } else {
+ ctx->flow.nw_tos |= IP_ECN_CE;
+ }
}
if (ctx->rule) {
diff --git a/ofproto/tunnel.c b/ofproto/tunnel.c
index 678358c..05aebd1 100644
--- a/ofproto/tunnel.c
+++ b/ofproto/tunnel.c
@@ -32,7 +32,6 @@
/* XXX:
*
- * Ability to generate actions on input for ECN
* Ability to generate metadata for packet-outs
* IPsec using skb mark.
* VXLAN.
diff --git a/tests/tunnel.at b/tests/tunnel.at
index e10571e..30b6704 100644
--- a/tests/tunnel.at
+++ b/tests/tunnel.at
@@ -96,13 +96,13 @@ AT_CHECK([tail -1 stdout], [0],
dnl Tunnel CE and encapsulated packet ECT(1)
AT_CHECK([ovs-appctl ofproto/trace br0
'tunnel(tun_id=0x0,src=1.1.1.1,dst=2.2.2.2,tos=0x3,ttl=64,flags()),in_port(1),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800),ipv4(src=192.168.0.1,dst=192.168.0.2,proto=6,tos=1,ttl=64,frag=no),tcp(src=8,dst=9)'],
[0], [stdout])
AT_CHECK([tail -1 stdout], [0],
- [Datapath actions: 2
+ [Datapath actions:
set(ipv4(src=192.168.0.1,dst=192.168.0.2,proto=6,tos=0x3,ttl=64,frag=no)),2
])
dnl Tunnel CE and encapsulated packet ECT(2)
AT_CHECK([ovs-appctl ofproto/trace br0
'tunnel(tun_id=0x0,src=1.1.1.1,dst=2.2.2.2,tos=0x3,ttl=64,flags()),in_port(1),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800),ipv4(src=192.168.0.1,dst=192.168.0.2,proto=6,tos=2,ttl=64,frag=no),tcp(src=8,dst=9)'],
[0], [stdout])
AT_CHECK([tail -1 stdout], [0],
- [Datapath actions: 2
+ [Datapath actions:
set(ipv4(src=192.168.0.1,dst=192.168.0.2,proto=6,tos=0x3,ttl=64,frag=no)),2
])
dnl Tunnel CE and encapsulated packet Non-ECT
--
1.7.5.4
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
