diff mbox series

[ovs-dev,ovs] ofproto-dpif-xlate: Allow specific tunnel packets sent outside.

Message ID 20210130145611.78958-1-xiangxia.m.yue@gmail.com
State New
Headers show
Series [ovs-dev,ovs] ofproto-dpif-xlate: Allow specific tunnel packets sent outside. | expand

Commit Message

Tonghao Zhang Jan. 30, 2021, 2:56 p.m. UTC 
From: Tonghao Zhang <xiangxia.m.yue@gmail.com>

This patch adds more strict limitation to tunnel packets.
If the source and destination address are the local address.
the tunnel packets will be sent to outside.

This is useful, for example, if we upgrade the openvswitch:
One OvS may send these packets outside, and the physical switch
can send that packets back in hairpin mode, then other OvS may
process them.

Signed-off-by: Tonghao Zhang <xiangxia.m.yue@gmail.com>
---
 ofproto/ofproto-dpif-xlate.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

Comments

0-day Robot Jan. 30, 2021, 3:10 p.m. UTC | #1 
Bleep bloop.  Greetings Tonghao Zhang, I am a robot and I have tried out your patch.
Thanks for your contribution.

I encountered some error that I wasn't expecting.  See the details below.


checkpatch:
WARNING: Line has non-spaces leading whitespace
WARNING: Line has trailing whitespace
#36 FILE: ofproto/ofproto-dpif-xlate.c:4111:
    

Lines checked: 43, Warnings: 2, Errors: 0


Please check this out.  If you feel there has been an error, please email aconole@redhat.com

Thanks,
0-day Robot
diff mbox series

Patch

diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c
index 7108c8a30138..80c631993f05 100644
--- a/ofproto/ofproto-dpif-xlate.c
+++ b/ofproto/ofproto-dpif-xlate.c
@@ -4101,7 +4101,15 @@  terminate_native_tunnel(struct xlate_ctx *ctx, struct flow *flow,
         }
     }
 
-    return *tnl_port != ODPP_NONE;
+    /* Allow tunnel packets which source, and destination address
+     * are the local address to be sent outside. */
+    if (*tnl_port != ODPP_NONE &&
+        (flow->nw_src != flow->nw_dst ||
+         !ipv6_addr_equals(&flow->ipv6_src, &flow->ipv6_dst))) {
+        return true;
+    }
+    
+    return false;
 }
 
 static void