set the type of skb to outgoing when encapsulating a packet,
since it changes from the original type to an outgoing packet.
When two tunnel ports created on two OVS bridges on same host and
two ports are the end point of the tunnel, packets are dropped as below.
If a packet has pkt_type of PACKET_OTHERHOST when coming to ovs bridge,
the packet is dropped by ip_rcv() if rules are installed and skb are
forwarded by loopback device.
Packet isn't dropped if flow rule isn't installed in kernel datapath,
OVS_ACTION_ATTR_OUTPUT is used to send the packet.
netns A | root netns | netns B
veth<->veth=ovs bridge=gre<-loop back->gre=ovs bridge=veth<->veth
arp packet ->
pkt_type
BROADCAST------------>ip_rcv()------------------------>
<- arp reply
pkt_type
rule exists
ip_rcv()<-----------------OTHERHOST
drop
<--------------------ip_rcv()<--- PACKET_HOST rule doesn't exists
pass ^ |
| |upcall
| V
OVS_ACTION_ATTR_OUTPUT
ovs-switchd
Cc: Murphy McCauley <murphy.mccau...@gmail.com>
Cc: Jesse Gross <je...@nicira.com>
Signed-off-by: Isaku Yamahata <yamah...@valinux.co.jp>
---
datapath/tunnel.c | 1 +
datapath/vport-gre.c | 1 +
2 files changed, 2 insertions(+)
diff --git a/datapath/tunnel.c b/datapath/tunnel.c
index ef46a69..b955384 100644
--- a/datapath/tunnel.c
+++ b/datapath/tunnel.c
@@ -298,6 +298,7 @@ int ovs_tnl_send(struct vport *vport, struct sk_buff *skb,
memset(IPCB(skb), 0, sizeof(*IPCB(skb)));
+ skb->pkt_type = PACKET_OUTGOING;
err = ip_local_out(skb);
if (unlikely(net_xmit_eval(err)))
goto next;
diff --git a/datapath/vport-gre.c b/datapath/vport-gre.c
index c74f5fc..604fe94 100644
--- a/datapath/vport-gre.c
+++ b/datapath/vport-gre.c
@@ -175,6 +175,7 @@ static int __send(struct vport *vport, struct sk_buff *skb,
skb->local_df = 1;
+ skb->pkt_type = PACKET_OUTGOING;
return iptunnel_xmit(net, rt, skb, saddr,
OVS_CB(skb)->tun_key->ipv4_dst, IPPROTO_GRE,
OVS_CB(skb)->tun_key->ipv4_tos,
--
1.7.10.4
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
