From: Jesse Gross Date: Thu, 18 Feb 2010 16:42:36 +0000 (-0500) Subject: gre: Always set TTL on outer packet to 64. X-Git-Tag: v1.0.0~259^2~41 X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=a9a4b30c0091b507dfe0f7c59c80355693836f04;p=sliver-openvswitch.git gre: Always set TTL on outer packet to 64. Currently the TTL is copied from the inner packet of the tunnel to the outer packet if the inner packet is IP. This is good if your GRE packets might make it into the input of your device but bad if you want to be fully transparent. This also resolves an inconsistency between tunnels set up using the ioctl and using Netlink. The ioctl version would force PMTUD on if a fixed TTL is set as a backup way to prevent loops but it never made it over to the newer Netlink code so obviously no one cares too much about it. This removes it to provide consistency and transparency. Basically, don't create loops and you will be happy. --- diff --git a/datapath/linux-2.6/compat-2.6/ip_gre.c b/datapath/linux-2.6/compat-2.6/ip_gre.c index da43f4535..2f46e05ae 100644 --- a/datapath/linux-2.6/compat-2.6/ip_gre.c +++ b/datapath/linux-2.6/compat-2.6/ip_gre.c @@ -124,7 +124,11 @@ fatal route to network, even if it were you who configured fatal static route: you are innocent. :-) - + XXX: Forcing the DF flag on was done only when setting up tunnels via the + ioctl interface and not Netlink. Since it prevents some operations + and isn't very transparent I removed it. It seems nobody really + cared about it anyways. + Moral: don't create loops. 3. Really, ipv4/ipip.c, ipv4/ip_gre.c and ipv6/sit.c contain practically identical code. It would be good to glue them @@ -1101,9 +1105,6 @@ ipgre_tunnel_ioctl (struct net_device *dev, struct ifreq *ifr, int cmd) add_tunnel = (cmd == SIOCADDTUNNEL || cmd == SIOCADDGRETAP); gretap = (cmd == SIOCADDGRETAP || cmd == SIOCCHGGRETAP); - if (p.iph.ttl) - p.iph.frag_off |= htons(IP_DF); - if (!(p.i_flags&GRE_KEY)) p.i_key = 0; if (!(p.o_flags&GRE_KEY)) diff --git a/lib/netdev-linux.c b/lib/netdev-linux.c index 5341ed06f..daf00a480 100644 --- a/lib/netdev-linux.c +++ b/lib/netdev-linux.c @@ -316,7 +316,7 @@ setup_gre_netlink(const char *name OVS_UNUSED, nl_msg_put_u32(&request, IFLA_GRE_LOCAL, config->local_ip); nl_msg_put_u32(&request, IFLA_GRE_REMOTE, config->remote_ip); nl_msg_put_u8(&request, IFLA_GRE_PMTUDISC, pmtudisc); - nl_msg_put_u8(&request, IFLA_GRE_TTL, 0); + nl_msg_put_u8(&request, IFLA_GRE_TTL, IPDEFTTL); nl_msg_put_u8(&request, IFLA_GRE_TOS, 0); info_data_hdr->nla_len = (char *)ofpbuf_tail(&request) @@ -356,6 +356,7 @@ setup_gre_ioctl(const char *name, struct gre_config *config, bool create) p.iph.protocol = IPPROTO_GRE; p.iph.saddr = config->local_ip; p.iph.daddr = config->remote_ip; + p.iph.ttl = IPDEFTTL; if (config->have_in_key) { p.i_flags |= GRE_KEY;