Re: [PATCH v2 1/2] ip_tunnel: fix ip tunnel lookup in collect_md mode
From: äæå
Date: Mon Jun 19 2017 - 09:14:20 EST
> On 19 Jun 2017, at 1:43 PM, Pravin Shelar <pshelar@xxxxxxx> wrote:
>
> On Fri, Jun 16, 2017 at 8:27 PM, Haishuang Yan
> <yanhaishuang@xxxxxxxxxxxxxxxxxxxx> wrote:
>> In collect_md mode, if the tun dev is down, it still can call
>> ip_tunnel_rcv to receive on packets, and the rx statistics increase
>> improperly.
>>
>> Fixes: 2e15ea390e6f ("ip_gre: Add support to collect tunnel metadata.")
>> Cc: Pravin B Shelar <pshelar@xxxxxxxxxx>
>> Signed-off-by: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
>>
>> ---
>> Change since v2:
>> * Fix wrong recipient addresss
>> ---
>> net/ipv4/ip_tunnel.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c
>> index 0f1d876..a3caba1 100644
>> --- a/net/ipv4/ip_tunnel.c
>> +++ b/net/ipv4/ip_tunnel.c
>> @@ -176,7 +176,7 @@ struct ip_tunnel *ip_tunnel_lookup(struct ip_tunnel_net *itn,
>> return cand;
>>
>> t = rcu_dereference(itn->collect_md_tun);
>> - if (t)
>> + if (t && (t->dev->flags & IFF_UP))
>> return t;
>>
> It would be nice if we could increment drop count if tunnel device is not up.
>
Hi Pravin
I think itâs not necessary, for example as gre tunnel, if ipgre_rcv fails, it would trigger send an icmp unreachable
message:
if (ipgre_rcv(skb, &tpi, hdr_len) == PACKET_RCVD)
return 0;
icmp_send(skb, ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0);
Since the tunnel device didnât touch the packets, so increase drop statistics is not necessary.
Thanks