From: Dmytro Linkin <[email protected]>
Currently ofproto design disallow duplicating output packet on forwarding
and mirroring to/from same ovs port. Next scenario reveal lack of design:
1. Send ping between regular ovs ports (VFs, for ex.), stop it.
2. While rule still exist, make mirror for one of the ports.
Prevent duplicating of traffic to a mirror port.
Fixes: 86e2dcddce85 ("dpif-xlate: Snoop multicast packets and send them
properly")
Signed-off-by: Dmytro Linkin <[email protected]>
Acked-by: Roi Dayan <[email protected]>
---
changlog
v2:
- remove one redundant warnng and update the second.
- remove the redundant comment as its the same as the error print.
ofproto/ofproto-dpif-xlate.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c
index 7e55575b183a..daf7fec80c9e 100644
--- a/ofproto/ofproto-dpif-xlate.c
+++ b/ofproto/ofproto-dpif-xlate.c
@@ -3118,6 +3118,13 @@ xlate_normal(struct xlate_ctx *ctx)
if (mac_port) {
struct xbundle *mac_xbundle = xbundle_lookup(ctx->xcfg, mac_port);
+
+ if (mac_xbundle && xbundle_mirror_out(ctx->xbridge, mac_xbundle)) {
+ xlate_report(ctx, OFT_WARN,
+ "learned port is a mirror port, dropping");
+ return;
+ }
+
if (mac_xbundle
&& mac_xbundle != in_xbundle
&& mac_xbundle->ofbundle != in_xbundle->ofbundle) {
--
2.8.4
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
