vrf for packets sent to agent via encap nexthop should come from meta…

…data and not from ingress interface Till now, packets that were sent to agent via an encap nexthop, had the vrf in the agent header set to the ingress interface vrf. The vrf value in all cases have to be the vrf to which the packet has been classified to. Bug fix for arp behavior: If an arp request ingressed from fabric interface and if the proxy bit was set in the route, but the stitching information was not present, vrouter used to proxy with the vhost mac. This behavior is wrong. vrouter should proxy only if the destination is hosted by it or if the destination is not hosted and it is a TSN or if the request was meant for a host in the cp port. Closes-Bug: #1428135 Change-Id: Ibe543c743a07834a87e1512ac305f1e0f32d5d30
Juniper · Mar 11, 2015 · 6433c65 · 6433c65
1 parent 4510298
commit 6433c65
Show file tree

Hide file tree

Showing 5 changed files with 35 additions and 29 deletions.
diff --git a/dp-core/vr_datapath.c b/dp-core/vr_datapath.c
@@ -102,23 +102,26 @@ vr_get_proxy_mac(struct vr_packet *pkt, struct vr_forwarding_md *fmd,
         }
 
         /*
-         * if nh is not of ENCAP type, that means that the vm is not hosted by
-         * us or the request is for a host in vcp port. if the request is for
-         * a host in the vcp port, we should proxy. else, we should proxy only
-         * if
-         * i am a TSN, i have the mac information and the originator is a bare
-         * metal
+         * we should proxy if the vm is hosted by us, in which case nh will be
+         * of ENCAP type. we should also proxy for a host in vcp port. In all
+         * other cases, we should proxy only if
+         *
+         * i am a TSN(fmd->fmd_src),
+         * i amd the dns IP or
+         * i have the mac information (nh - (mostly tunnel)) and
+         * the originator is a bare metal (fmd->fmd_src)
          */
-        if (!to_vcp && nh && nh->nh_type != NH_ENCAP) {
-            if (fmd->fmd_src != TOR_SOURCE) {
-                if (stats)
-                    stats->vrf_arp_physical_flood++;
-                return MR_FLOOD;
-            }
+        if (to_vcp || to_gateway ||
+                ((nh) &&
+                 ((nh->nh_type == NH_ENCAP) ||
+                  (fmd->fmd_src == TOR_SOURCE)))) {
+            if (stats)
+                stats->vrf_arp_physical_stitch++;
+        } else {
+            if (stats)
+                stats->vrf_arp_physical_flood++;
+            return MR_FLOOD;
         }
-
-        if (stats)
-            stats->vrf_arp_physical_stitch++;
     } else {
         /*
          * if there is no stitching information, but flood flag is set

diff --git a/dp-core/vr_interface.c b/dp-core/vr_interface.c
@@ -86,7 +86,8 @@ vif_drop_pkt(struct vr_interface *vif, struct vr_packet *pkt, bool input)
  */
 static unsigned char *
 vif_cmn_rewrite(struct vr_interface *vif, struct vr_packet *pkt,
-        unsigned char *rewrite, unsigned short len)
+        struct vr_forwarding_md *fmd, unsigned char *rewrite,
+        unsigned short len)
 {
     unsigned char *head;
 
@@ -232,7 +233,8 @@ vif_xconnect(struct vr_interface *vif, struct vr_packet *pkt,
 
 static unsigned char *
 agent_set_rewrite(struct vr_interface *vif, struct vr_packet *pkt,
-        unsigned char *rewrite, unsigned short len)
+        struct vr_forwarding_md *fmd, unsigned char *rewrite,
+        unsigned short len)
 {
     unsigned char *head;
     unsigned int hdr_len;
@@ -256,7 +258,7 @@ agent_set_rewrite(struct vr_interface *vif, struct vr_packet *pkt,
 
     hdr = (struct agent_hdr *)(head + len);
     hdr->hdr_ifindex = htons(pkt->vp_if->vif_idx);
-    hdr->hdr_vrf = htons(pkt->vp_if->vif_vrf);
+    hdr->hdr_vrf = htons(fmd->fmd_dvrf);
     /* this needs some thought */
     hdr->hdr_cmd = htons(AGENT_TRAP_NEXTHOP);
     hdr->hdr_cmd_param = 0;
@@ -948,7 +950,8 @@ tun_rx(struct vr_interface *vif, struct vr_packet *pkt,
 
 static unsigned char *
 eth_set_rewrite(struct vr_interface *vif, struct vr_packet *pkt,
-        unsigned char *rewrite, unsigned short len)
+        struct vr_forwarding_md *fmd, unsigned char *rewrite,
+        unsigned short len)
 {
     if (!len)
         return pkt_data(pkt);
@@ -958,7 +961,7 @@ eth_set_rewrite(struct vr_interface *vif, struct vr_packet *pkt,
         return pkt_data(pkt);
     }
 
-    return vif_cmn_rewrite(vif, pkt, rewrite, len);
+    return vif_cmn_rewrite(vif, pkt, fmd, rewrite, len);
 }
 
 static mac_response_t

diff --git a/dp-core/vr_mirror.c b/dp-core/vr_mirror.c
@@ -417,7 +417,7 @@ vr_mirror(struct vrouter *router, uint8_t mirror_id,
                     pkt_nh->nh_encap_len))
                 goto fail;
 
-            if (!pkt_nh->nh_dev->vif_set_rewrite(pkt_nh->nh_dev, pkt,
+            if (!pkt_nh->nh_dev->vif_set_rewrite(pkt_nh->nh_dev, pkt, fmd,
                     pkt_nh->nh_data, pkt_nh->nh_encap_len))
                 goto fail;
         }

diff --git a/dp-core/vr_nexthop.c b/dp-core/vr_nexthop.c
@@ -1290,8 +1290,8 @@ nh_vxlan_tunnel(struct vr_packet *pkt, struct vr_nexthop *nh,
 
     /* slap l2 header */
     vif = nh->nh_dev;
-    if (!vif->vif_set_rewrite(vif, pkt, nh->nh_data,
-                                     nh->nh_udp_tun_encap_len)) {
+    if (!vif->vif_set_rewrite(vif, pkt, fmd,
+                nh->nh_data, nh->nh_udp_tun_encap_len)) {
         goto send_fail;
     }
 
@@ -1426,8 +1426,8 @@ nh_mpls_udp_tunnel(struct vr_packet *pkt, struct vr_nexthop *nh,
 
     /* slap l2 header */
     vif = nh->nh_dev;
-    tun_encap = vif->vif_set_rewrite(vif, pkt, nh->nh_data,
-                                     tun_encap_len);
+    tun_encap = vif->vif_set_rewrite(vif, pkt, fmd,
+            nh->nh_data, tun_encap_len);
     if (!tun_encap) {
         goto send_fail;
     }
@@ -1584,8 +1584,8 @@ nh_gre_tunnel(struct vr_packet *pkt, struct vr_nexthop *nh,
 
     /* slap l2 header */
     vif = nh->nh_dev;
-    tun_encap = vif->vif_set_rewrite(vif, pkt, nh->nh_data,
-            nh->nh_gre_tun_encap_len);
+    tun_encap = vif->vif_set_rewrite(vif, pkt, fmd,
+            nh->nh_data, nh->nh_gre_tun_encap_len);
     if (!tun_encap) {
         drop_reason = VP_DROP_PUSH;
         goto send_fail;
@@ -1746,7 +1746,7 @@ nh_encap_l3(struct vr_packet *pkt, struct vr_nexthop *nh,
             return 0;
     }
 
-    if (!vif->vif_set_rewrite(vif, pkt, nh->nh_data, nh->nh_encap_len)) {
+    if (!vif->vif_set_rewrite(vif, pkt, fmd, nh->nh_data, nh->nh_encap_len)) {
         vr_pfree(pkt, VP_DROP_REWRITE_FAIL);
         return 0;
     }

diff --git a/include/vr_interface.h b/include/vr_interface.h
@@ -171,7 +171,7 @@ struct vr_interface {
     void *vif_os;
     int (*vif_send)(struct vr_interface *, struct vr_packet *, void *);
     unsigned char *(*vif_set_rewrite)(struct vr_interface *, struct vr_packet *,
-            unsigned char *, unsigned short);
+            struct vr_forwarding_md *, unsigned char *, unsigned short);
     int (*vif_tx)(struct vr_interface *, struct vr_packet *,
             struct vr_forwarding_md *);
     /*