*
* Ability to generate actions on input for ECN
* Ability to generate metadata for packet-outs
- * IPsec using skb mark.
- * VXLAN.
- * Multicast group management (possibly).
* Disallow netdevs with names like "gre64_system" to prevent collisions. */
VLOG_DEFINE_THIS_MODULE(tunnel);
+/* skb mark used for IPsec tunnel packets */
+#define IPSEC_MARK 1
+
struct tnl_match {
ovs_be64 in_key;
ovs_be32 ip_src;
ovs_be32 ip_dst;
uint32_t odp_port;
+ uint32_t skb_mark;
bool in_key_flow;
};
tnl_port->match.in_key = cfg->in_key;
tnl_port->match.ip_src = cfg->ip_src;
tnl_port->match.ip_dst = cfg->ip_dst;
+ tnl_port->match.skb_mark = cfg->ipsec ? IPSEC_MARK : 0;
tnl_port->match.in_key_flow = cfg->in_key_flow;
tnl_port->match.odp_port = odp_port;
match.ip_src = flow->tunnel.ip_dst;
match.ip_dst = flow->tunnel.ip_src;
match.in_key = flow->tunnel.tun_id;
+ match.skb_mark = flow->skb_mark;
tnl_port = tnl_find(&match);
if (!tnl_port) {
flow->tunnel.ip_src = tnl_port->match.ip_src;
flow->tunnel.ip_dst = tnl_port->match.ip_dst;
+ flow->skb_mark = tnl_port->match.skb_mark;
if (!cfg->out_key_flow) {
flow->tunnel.tun_id = cfg->out_key;
tnl_find(struct tnl_match *match_)
{
struct tnl_match match = *match_;
- bool is_multicast = ip_is_multicast(match.ip_src);
struct tnl_port *tnl_port;
/* remote_ip, local_ip, in_key */
- if (!is_multicast) {
- tnl_port = tnl_find_exact(&match);
- if (tnl_port) {
- return tnl_port;
- }
+ tnl_port = tnl_find_exact(&match);
+ if (tnl_port) {
+ return tnl_port;
}
/* remote_ip, in_key */
match.ip_src = match_->ip_src;
/* remote_ip, local_ip */
- if (!is_multicast) {
- match.in_key = 0;
- match.in_key_flow = true;
- tnl_port = tnl_find_exact(&match);
- if (tnl_port) {
- return tnl_port;
- }
- match.in_key = match_->in_key;
- match.in_key_flow = false;
+ match.in_key = 0;
+ match.in_key_flow = true;
+ tnl_port = tnl_find_exact(&match);
+ if (tnl_port) {
+ return tnl_port;
}
/* remote_ip */
match.ip_src = 0;
- match.in_key = 0;
- match.in_key_flow = true;
tnl_port = tnl_find_exact(&match);
if (tnl_port) {
return tnl_port;
}
- match.ip_src = match_->ip_src;
- match.in_key = match_->in_key;
- match.in_key_flow = false;
-
- if (is_multicast) {
- match.ip_src = 0;
- match.ip_dst = match_->ip_src;
- /* multicast remote_ip, in_key */
- tnl_port = tnl_find_exact(&match);
- if (tnl_port) {
- return tnl_port;
- }
-
- /* multicast remote_ip */
- match.in_key = 0;
- match.in_key_flow = true;
- tnl_port = tnl_find_exact(&match);
- if (tnl_port) {
- return tnl_port;
- }
- }
return NULL;
}
}
ds_put_format(ds, ", dp port=%"PRIu32, match->odp_port);
+ ds_put_format(ds, ", skb mark=%"PRIu32, match->skb_mark);
}
static void