Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1758271Ab3CDPYG (ORCPT <rfc822;w@1wt.eu>);
	Mon, 4 Mar 2013 10:24:06 -0500
Received: from mail-da0-f54.google.com ([209.85.210.54]:50382 "EHLO
	mail-da0-f54.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1757041Ab3CDPYF (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Mon, 4 Mar 2013 10:24:05 -0500
Message-ID: <1362410642.15793.95.camel@edumazet-glaptop>
Subject: Re: [PATCH 1/1] reset nf before xmit vxlan encapsulated packet
From: Eric Dumazet <eric.dumazet@gmail.com>
To: Zang MingJie <zealot0630@gmail.com>
Cc: linux-kernel@vger.kernel.org
Date: Mon, 04 Mar 2013 07:24:02 -0800
In-Reply-To: <1362406139-29135-1-git-send-email-zealot0630@gmail.com>
References: <1362406139-29135-1-git-send-email-zealot0630@gmail.com>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.2.3-0ubuntu6 
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2253
Lines: 60

On Mon, 2013-03-04 at 22:08 +0800, Zang MingJie wrote:
> We should reset nf settings bond to the skb as ipip/ipgre do.
> 
> If not, the conntrack/nat info bond to the origin packet may continually
> redirect the packet to vxlan interface causing a routing loop.
> 
> this is the scenario:
> 
>      VETP     VXLAN Gateway
>     /----\  /---------------\
>     |    |  |               |
>     |  vx+--+vx --NAT-> eth0+--> Internet
>     |    |  |               |
>     \----/  \---------------/
> 
> when there are any packet coming from internet to the vetp, there will be lots
> of garbage packets coming out the gateway's vxlan interface, but none actually
> sent to the physical interface, because they are redirected back to the vxlan
> interface in the postrouting chain of NAT rule, and dmesg complains:
> 
>     Mar  1 21:52:53 debian kernel: [ 8802.997699] Dead loop on virtual device vxlan0, fix it urgently!
>     Mar  1 21:52:54 debian kernel: [ 8804.004907] Dead loop on virtual device vxlan0, fix it urgently!
>     Mar  1 21:52:55 debian kernel: [ 8805.012189] Dead loop on virtual device vxlan0, fix it urgently!
>     Mar  1 21:52:56 debian kernel: [ 8806.020593] Dead loop on virtual device vxlan0, fix it urgently!
> 
> the patch should fix the problem
> 
> Signed-off-by: Zang MingJie <zealot0630@gmail.com>
> ---
>  drivers/net/vxlan.c |    2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c
> index f10e58a..c3e3d29 100644
> --- a/drivers/net/vxlan.c
> +++ b/drivers/net/vxlan.c
> @@ -961,6 +961,8 @@ static netdev_tx_t vxlan_xmit(struct sk_buff *skb, struct net_device *dev)
>  	iph->ttl	= ttl ? : ip4_dst_hoplimit(&rt->dst);
>  	tunnel_ip_select_ident(skb, old_iph, &rt->dst);
>  
> +	nf_reset(skb);
> +
>  	vxlan_set_owner(dev, skb);
>  
>  	/* See iptunnel_xmit() */


As mentioned in MAINTAINERS file, networking patches should be sent to :

M:      "David S. Miller" <davem@davemloft.net>
L:      netdev@vger.kernel.org

Thanks !


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/