Skip to content

bpf: explicitly set ttl in tunnel key#12529

Merged
borkmann merged 1 commit intomasterfrom
pr/bpf-ttl-fix
Jul 15, 2020
Merged

bpf: explicitly set ttl in tunnel key#12529
borkmann merged 1 commit intomasterfrom
pr/bpf-ttl-fix

Conversation

@borkmann
Copy link
Copy Markdown
Member

@borkmann borkmann commented Jul 15, 2020
edited
Loading

See commit msg for details. Cc: @mskrocki

@borkmann
bpf: explicitly set ttl in tunnel key
ed0209a 
Maciej reported that when using vxlan packets we can see a TTL of 64
in the packet while for geneve packets the TTL is set to 0.

This is a kernel issue in that vxlan driver in its vxlan_xmit_one()
routine derives TTL from the route if otherwise not explicitly set
(such as by BPF tunnel key):

  ttl = ttl ? : ip4_dst_hoplimit(&rt->dst);

In geneve driver however, geneve_xmit_skb() only does the above in
non-collect_md mode, which means, if not explicitly set, the TTL will
remain 0 here.

I'll post a kernel fix separately, but simple workaround is to just
set TTL in BPF tunnel key to fixed value of 64.

tunnel_ttl is part of 4.9 bpf uapi header, so there are no issues with
backwards compat.

Reported-by: Maciej Skrocki <maciejskrocki@google.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
@borkmann borkmann added pending-review area/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. release-note/bug This PR fixes an issue in a previous release of Cilium. labels Jul 15, 2020
@borkmann borkmann requested review from a team, brb and tgraf July 15, 2020 09:16
@borkmann
Copy link
Copy Markdown
Member Author

borkmann commented Jul 15, 2020

test-me-please

@coveralls
Copy link
Copy Markdown

coveralls commented Jul 15, 2020

Coverage Status

Coverage increased (+0.02%) to 36.988% when pulling ed0209a on pr/bpf-ttl-fix into 7d871b2 on master.

@borkmann borkmann merged commit 38d9bf5 into master Jul 15, 2020
@borkmann borkmann deleted the pr/bpf-ttl-fix branch July 15, 2020 11:42
@brb brb mentioned this pull request Jul 15, 2020
Merged
@jrfastab jrfastab mentioned this pull request Jul 21, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@brb brb brb approved these changes

@pchaigno pchaigno pchaigno approved these changes

@qmonnet qmonnet qmonnet approved these changes

@tgraf tgraf Awaiting requested review from tgraf

Assignees

No one assigned

Labels

area/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. release-note/bug This PR fixes an issue in a previous release of Cilium.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@borkmann @coveralls @brb @pchaigno @qmonnet @jrfastab @christarazi