Uploaded image for project: 'vpp'
  1. vpp
  2. VPP-1112

l3 interface doesn't check the target MAC address of packets without vlan tag

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Do
    • Icon: Medium Medium
    • 18.01
    • None
    • VNET

      When a packet without vlan tag was received by l3 interface, it was transmitted from dpdk-input node directly to ip4-input. The ethernet-input node was just bypassed. The target MAC address of this packet was not checked ,then the packet was routed by VPP anyway.

      If thoes packets that not belong to VPP were flooded from a l2 switch to l3 interfaces of VPP, the packets could be routed to the network improperly. 

       

      Here is the configuration and  trace :

      vpp# show interface addr
      GigabitEthernet0/5/0 (up):
          55.55.55.2/24

      vpp# show trace

      Packet 1

      00:06:01:591490: dpdk-input
      GigabitEthernet0/6/0 rx queue 0
      buffer 0xd98f: current data 14, length 60, free-list 0, clone-count 0, totlen-nifb 0, trace 0x4
      PKT MBUF: port 4, nb_segs 1, pkt_len 74
      buf_len 2176, data_len 74, ol_flags 0x0, data_off 128, phys_addr 0x234b2280
      packet_type 0x0
      IP4: fa:16:3e:a5:00:d8 -> 00:11:22:33:44:55
      ICMP: 1.2.3.4 -> 55.55.55.1
      tos 0x00, ttl 128, length 60, checksum 0x4373
      fragment id 0x8510
      ICMP echo_request checksum 0x375c
      00:06:01:591500: ip4-input
      ICMP: 1.2.3.4 -> 55.55.55.1
      tos 0x00, ttl 128, length 60, checksum 0x4373
      fragment id 0x8510
      ICMP echo_request checksum 0x375c
      00:06:01:591507: ip4-lookup
      fib 0 dpo-idx 7 flow hash: 0x00000000
      ICMP: 1.2.3.4 -> 55.55.55.1
      tos 0x00, ttl 128, length 60, checksum 0x4373
      fragment id 0x8510
      ICMP echo_request checksum 0x375c
      00:06:01:591509: ip4-rewrite
      tx_sw_if_index 5 dpo-idx 7 : ipv4 via 55.55.55.1 eio-5: 001122334455fa163e9e53280800 flow hash: 0x00000000
      00000000: 001122334455fa163e9e532808004500003c851000007f014473010203043737
      00000020: 37010800375c020014006162636465666768696a6b6c6d6e6f707172
      00:06:01:591511: GigabitEthernet0/6/0-output
      eio-5
      IP4: fa:16:3e:9e:53:28 -> 00:11:22:33:44:55
      ICMP: 1.2.3.4 -> 55.55.55.1
      tos 0x00, ttl 127, length 60, checksum 0x4473
      fragment id 0x8510
      ICMP echo_request checksum 0x375c
      00:06:01:591514: GigabitEthernet0/6/0-tx
      eio-5 tx queue 1
      buffer 0xd98f: current data 0, length 74, free-list 0, clone-count 0, totlen-nifb 0, trace 0x4
      IP4: fa:16:3e:9e:53:28 -> 00:11:22:33:44:55
      ICMP: 1.2.3.4 -> 55.55.55.1
      tos 0x00, ttl 127, length 60, checksum 0x4473
      fragment id 0x8510
      ICMP echo_request checksum 0x375c

            zhaoqingling qingling zhao
            zhaoqingling qingling zhao
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: