Hello John,
I agree with you. I'm familiar with VXLAN and now with VXLAN GPE which RFC I
read once and I don't know other implementations.
My understanding is, if is VXLAN then UDP destination port is 4789 and must
have set I bit to 1. If is frame encapsulated into VXLAN GPE then UDP
destination port is 4790 and must have set I and P bits (probably some others
too). The RFCs also defines that if is received wrong bit set it should be
ignored.
In scapy I am definitely sending wrong VXLAN packet, so I'll modify test case.
Thanks,
Matej.
From: John Lo (loj)
Sent: 9. decembra 2016 17:02
To: Matej Klotton -X (mklotton - PANTHEON TECHNOLOGIES at Cisco)
<mklot...@cisco.com>; vpp-dev@lists.fd.io
Subject: RE: [vpp-dev] vxlan setup guidance
The referenced RFC text Is as follows:
- Reserved fields (24 bits and 8 bits): MUST be set to zero on
transmission and ignored on receipt.
Note that it stated the sender must set it to 0. As for the receiver ignoring
the R-bits part, I think this does not apply any longer because of VXLAN-GPE
RFC where some of the reserved bits are now used to specify protocol, OAM,
version, etc. If the received packet is a VXLAN-GPE packet, we cannot blindly
send the payload into a bridge domain assuming it is an Ethernet packet. The
code right now does ignore the 24 bit reserved fields and just check the 8-bit
reserved field where the VXLAN-GPE P and O bits are present. This is the text
from the VXLAN-GPE RFC:
4.1. VXLAN VTEP to VXLAN-gpe VTEP
As per VXLAN, reserved bits 5 and 7, VXLAN-gpe P and O-bits
respectively must be set to zero. The remaining reserved bits must
be zero, including the VXLAN-gpe version field, bits 8 and 9. The
encapsulated payload MUST be Ethernet.
In conclusion, I believe VPP VXLAN decap check is correct. Scapy should be
fixed as it does not set all reserved bits to 0 as per RFC. Please let me know
if you disagree.
Regards,
John
From: vpp-dev-boun...@lists.fd.io<mailto:vpp-dev-boun...@lists.fd.io>
[mailto:vpp-dev-boun...@lists.fd.io] On Behalf Of Matej Klotton -X (mklotton -
PANTHEON TECHNOLOGIES at Cisco)
Sent: Friday, December 09, 2016 9:15 AM
To: vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io>
Subject: Re: [vpp-dev] vxlan setup guidance
https://jira.fd.io/browse/VPP-553
From: Dave Barach (dbarach)
Sent: 9. decembra 2016 15:09
To: Matej Klotton -X (mklotton - PANTHEON TECHNOLOGIES at Cisco)
<mklot...@cisco.com<mailto:mklot...@cisco.com>>
Subject: RE: [vpp-dev] vxlan setup guidance
Please do; assign it to John Lo...
Thanks... Dave
From: vpp-dev-boun...@lists.fd.io<mailto:vpp-dev-boun...@lists.fd.io>
[mailto:vpp-dev-boun...@lists.fd.io] On Behalf Of Matej Klotton -X (mklotton -
PANTHEON TECHNOLOGIES at Cisco)
Sent: Friday, December 9, 2016 9:03 AM
To: vpp-dev@lists.fd.io<mailto:vpp-dev@lists.fd.io>
Subject: Re: [vpp-dev] vxlan setup guidance
Hi,
I've noticed, new scapy uses different flag value than older, it uses 0xc
instead 0x8 which is required by VPP.
#define VXLAN_FLAGS_I 0x08
if (PREDICT_FALSE (vxlan0->flags != VXLAN_FLAGS_I))
{
error0 = VXLAN_ERROR_BAD_FLAGS;
next0 = VXLAN_INPUT_NEXT_DROP;
goto trace0;
}
However RFC https://tools.ietf.org/html/rfc7348#section-5 says that received
reserved bits must be ignored.
Should I open a Jira ticket for this issue?
Regards,
Matej
_______________________________________________
vpp-dev mailing list
vpp-dev@lists.fd.io
https://lists.fd.io/mailman/listinfo/vpp-dev
