On 2/27/18 9:09 AM, Stephen Suryaputra wrote:
> Thanks David for confirming that this is unintended.
>
> Given that, I think the fix isn't complete because when forwarding
> isn't enabled on the original incoming netdev, the ICMP shouldn't be
> generated. This diff fixes that case:
>
> diff --git
Thanks David for confirming that this is unintended.
Given that, I think the fix isn't complete because when forwarding
isn't enabled on the original incoming netdev, the ICMP shouldn't be
generated. This diff fixes that case:
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index a4f44d8..dc40a9
On 2/23/18 10:49 AM, Stephen Suryaputra wrote:
> Greetings,
>
> We found that ICMP destination unreachable isn't sent if VRF
> forwarding isn't configured, i.e.
> /proc/sys/net/ipv4/conf//forwarding isn't set. The
> relevant code is:
>
> static int ip_error(struct sk_buff *skb)
> {
> ...
>
Greetings,
We found that ICMP destination unreachable isn't sent if VRF
forwarding isn't configured, i.e.
/proc/sys/net/ipv4/conf//forwarding isn't set. The
relevant code is:
static int ip_error(struct sk_buff *skb)
{
...
// in_dev is the vrf net_device
if (!IN_DEV_FORWARD(in_dev)
