Dear VPP Folks, I checked vpp behavior when it receives packets with Time To Live (TTL) value of 1. I'm using vpp version of v19.08-rc0 on master branch.
Based on Cisco network devices, I expected that VPP drops packets with TTL 1 and it sends an ICMP reject message to client. Also, when client pings the Cisco device's interfaces with packets having TTL 1, the packets are rejected again and an icmp reject message is sent to the client. I see two types of different behavior between vpp and Cisco. In normal configuration, the TTL checking is done after lookup ( based on trace log) but I expected to see this checking before routing, nat or other functionality nodes. It is not optimized to do a lot of process on packets and then check their TTL value, Isn't it? Currently, the TTL value is checked in ip4-rewrite node, which is too late. Another difference is when a client pings vpp interfaces ip with TTL 1, VPP sends echo reply packet to the client while in Cisco this packets are rejected. Can we consider this behavior as a bug? my topology: |Client 20.20.20.20| <--------> | 20.20.20.1 VPP device 30.30.30.1| <---------> |30.30.30.30 Router 40.40.40.1| <------------> |40.40.40.40 Server| attached, you will find my configuration file. Best Regards,
Configuration1
Description: Binary data
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#13773): https://lists.fd.io/g/vpp-dev/message/13773 Mute This Topic: https://lists.fd.io/mt/32921392/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
