Hi, There are multiple kinds of bypass nodes in vpp. Bypass nodes intercept packets matching certain criteria and pass them directly to the protocol handler node. I am going to use GTPU as the illustrating example.
Bypass node SHOULD intercept packets with destination IP matching a local address and UDP destination port equal to 2152. Bypass node MUST NOT intercept a packet if destination IP doesn’t match a local address. Otherwise enabling GTPU bypass would change the observable system behaviour. An address is local within a certain VRF. It’s possible that an address is local in one VRF but it’s not in another. But GTPU bypass node is not VRF aware. Image a vpp setup with 2 interfaces, associated with different VRF-s. The first interface address is 10.0.10.100, the other one — 192.168.0.7. Both have GTPU bypass enabled. Now GTPU bypass in the second interface will intercept packets sent to 10.0.10.100 (the first interface’s address), though it shouldn’t. This is a somewhat contrived example, but it looks like bypass node should be VRF-aware for correctness. Am I missing something? Would you be open to a patch making GTPU bypass VRF-aware? Best, Nick
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#15560): https://lists.fd.io/g/vpp-dev/message/15560 Mute This Topic: https://lists.fd.io/mt/71569502/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
