In deployments with multiple tunnels, it can be possible to enter an infinite loop where traffic generates an arp/nd lookup which is forwarded to a different tunnel, generating a new arp/nd packet that is send back to the first tunnel. Now the depth counter is incremented for new arp/nd packets, just as happens in xlate_table_action().
Signed-off-by: Mike Pattrick <[email protected]> --- ofproto/ofproto-dpif-xlate.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c index 850597b3a..887893417 100644 --- a/ofproto/ofproto-dpif-xlate.c +++ b/ofproto/ofproto-dpif-xlate.c @@ -679,6 +679,7 @@ static size_t count_skb_priorities(const struct xport *); static bool dscp_from_skb_priority(const struct xport *, uint32_t skb_priority, uint8_t *dscp); +static bool xlate_resubmit_resource_check(struct xlate_ctx *ctx); static void xlate_xbridge_init(struct xlate_cfg *, struct xbridge *); static void xlate_xbundle_init(struct xlate_cfg *, struct xbundle *); static void xlate_xport_init(struct xlate_cfg *, struct xport *); @@ -3723,6 +3724,10 @@ compose_table_xlate(struct xlate_ctx *ctx, const struct xport *out_dev, struct ofpact_output output; struct flow flow; + if (!xlate_resubmit_resource_check(ctx)) { + return 0; + } + ofpact_init(&output.ofpact, OFPACT_OUTPUT, sizeof output); flow_extract(packet, &flow); flow.in_port.ofp_port = out_dev->ofp_port; @@ -3731,7 +3736,8 @@ compose_table_xlate(struct xlate_ctx *ctx, const struct xport *out_dev, return ofproto_dpif_execute_actions__(xbridge->ofproto, version, &flow, NULL, &output.ofpact, sizeof output, - ctx->depth, ctx->resubmits, packet); + ctx->depth + 1, ctx->resubmits, + packet); } static void -- 2.43.5 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
