/* XXX:
*
- * Ability to generate actions on input for ECN
* Ability to generate metadata for packet-outs
- * IPsec using skb mark.
- * VXLAN.
- * Multicast group management (possibly).
* Disallow netdevs with names like "gre64_system" to prevent collisions. */
VLOG_DEFINE_THIS_MODULE(tunnel);
ovs_be32 ip_src;
ovs_be32 ip_dst;
uint32_t odp_port;
+ uint32_t skb_mark;
bool in_key_flow;
};
tnl_port->match.in_key = cfg->in_key;
tnl_port->match.ip_src = cfg->ip_src;
tnl_port->match.ip_dst = cfg->ip_dst;
+ tnl_port->match.skb_mark = cfg->ipsec ? IPSEC_MARK : 0;
tnl_port->match.in_key_flow = cfg->in_key_flow;
tnl_port->match.odp_port = odp_port;
match.ip_src = flow->tunnel.ip_dst;
match.ip_dst = flow->tunnel.ip_src;
match.in_key = flow->tunnel.tun_id;
+ match.skb_mark = flow->skb_mark;
tnl_port = tnl_find(&match);
if (!tnl_port) {
return NULL;
}
- if (is_ip_any(flow)
- && ((flow->tunnel.ip_tos & IP_ECN_MASK) == IP_ECN_CE)
- && (flow->nw_tos & IP_ECN_MASK) == IP_ECN_NOT_ECT) {
- VLOG_WARN_RL(&rl, "dropping tunnel packet marked ECN CE but is not ECN"
- " capable");
- return NULL;
- }
-
if (!VLOG_DROP_DBG(&dbg_rl)) {
pre_flow_str = flow_to_string(flow);
}
flow->tunnel.ip_src = tnl_port->match.ip_src;
flow->tunnel.ip_dst = tnl_port->match.ip_dst;
+ flow->skb_mark = tnl_port->match.skb_mark;
if (!cfg->out_key_flow) {
flow->tunnel.tun_id = cfg->out_key;
tnl_find(struct tnl_match *match_)
{
struct tnl_match match = *match_;
- bool is_multicast = ip_is_multicast(match.ip_src);
struct tnl_port *tnl_port;
/* remote_ip, local_ip, in_key */
- if (!is_multicast) {
- tnl_port = tnl_find_exact(&match);
- if (tnl_port) {
- return tnl_port;
- }
+ tnl_port = tnl_find_exact(&match);
+ if (tnl_port) {
+ return tnl_port;
}
/* remote_ip, in_key */
match.ip_src = match_->ip_src;
/* remote_ip, local_ip */
- if (!is_multicast) {
- match.in_key = 0;
- match.in_key_flow = true;
- tnl_port = tnl_find_exact(&match);
- if (tnl_port) {
- return tnl_port;
- }
- match.in_key = match_->in_key;
- match.in_key_flow = false;
+ match.in_key = 0;
+ match.in_key_flow = true;
+ tnl_port = tnl_find_exact(&match);
+ if (tnl_port) {
+ return tnl_port;
}
/* remote_ip */
match.ip_src = 0;
- match.in_key = 0;
- match.in_key_flow = true;
tnl_port = tnl_find_exact(&match);
if (tnl_port) {
return tnl_port;
}
- match.ip_src = match_->ip_src;
- match.in_key = match_->in_key;
- match.in_key_flow = false;
-
- if (is_multicast) {
- match.ip_src = 0;
- match.ip_dst = match_->ip_src;
- /* multicast remote_ip, in_key */
- tnl_port = tnl_find_exact(&match);
- if (tnl_port) {
- return tnl_port;
- }
-
- /* multicast remote_ip */
- match.in_key = 0;
- match.in_key_flow = true;
- tnl_port = tnl_find_exact(&match);
- if (tnl_port) {
- return tnl_port;
- }
- }
return NULL;
}
}
ds_put_format(ds, ", dp port=%"PRIu32, match->odp_port);
+ ds_put_format(ds, ", skb mark=%"PRIu32, match->skb_mark);
}
static void