diff mbox series

[ovs-dev,v2] ofproto-dpif-xlate: Prevent duplicating of traffic to a mirror port

Message ID 20191203141121.464-1-roid@mellanox.com
State Accepted
Commit 84dd881bb5be74b16b6177889394e99a49f6be90
Headers show
Series [ovs-dev,v2] ofproto-dpif-xlate: Prevent duplicating of traffic to a mirror port | expand

Commit Message

Roi Dayan Dec. 3, 2019, 2:11 p.m. UTC 
From: Dmytro Linkin <dmitrolin@mellanox.com>

Currently ofproto design disallow duplicating output packet on forwarding
and mirroring to/from same ovs port. Next scenario reveal lack of design:
1. Send ping between regular ovs ports (VFs, for ex.), stop it.
2. While rule still exist, make mirror for one of the ports.
Prevent duplicating of traffic to a mirror port.

Fixes: 86e2dcddce85 ("dpif-xlate: Snoop multicast packets and send them properly")
Signed-off-by: Dmytro Linkin <dmitrolin@mellanox.com>
Acked-by: Roi Dayan <roid@mellanox.com>
---
changlog
v2:
- remove one redundant warnng and update the second.
- remove the redundant comment as its the same as the error print.

 ofproto/ofproto-dpif-xlate.c | 7 +++++++
 1 file changed, 7 insertions(+)

Comments

Ben Pfaff Dec. 3, 2019, 7:09 p.m. UTC | #1 
On Tue, Dec 03, 2019 at 04:11:21PM +0200, Roi Dayan wrote:
> From: Dmytro Linkin <dmitrolin@mellanox.com>
> 
> Currently ofproto design disallow duplicating output packet on forwarding
> and mirroring to/from same ovs port. Next scenario reveal lack of design:
> 1. Send ping between regular ovs ports (VFs, for ex.), stop it.
> 2. While rule still exist, make mirror for one of the ports.
> Prevent duplicating of traffic to a mirror port.
> 
> Fixes: 86e2dcddce85 ("dpif-xlate: Snoop multicast packets and send them properly")
> Signed-off-by: Dmytro Linkin <dmitrolin@mellanox.com>
> Acked-by: Roi Dayan <roid@mellanox.com>

Thanks, applied to master.
diff mbox series

Patch

diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c
index 7e55575b183a..daf7fec80c9e 100644
--- a/ofproto/ofproto-dpif-xlate.c
+++ b/ofproto/ofproto-dpif-xlate.c
@@ -3118,6 +3118,13 @@  xlate_normal(struct xlate_ctx *ctx)
 
         if (mac_port) {
             struct xbundle *mac_xbundle = xbundle_lookup(ctx->xcfg, mac_port);
+
+            if (mac_xbundle && xbundle_mirror_out(ctx->xbridge, mac_xbundle)) {
+                xlate_report(ctx, OFT_WARN,
+                             "learned port is a mirror port, dropping");
+                return;
+            }
+
             if (mac_xbundle
                 && mac_xbundle != in_xbundle
                 && mac_xbundle->ofbundle != in_xbundle->ofbundle) {