aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSteven Luong <sluong@cisco.com>2019-12-06 21:12:41 -0800
committerDamjan Marion <dmarion@me.com>2019-12-17 18:11:43 +0000
commit6dfd3785e4d65418f4330a73bf837912c37b8ec2 (patch)
tree5d6d5f1ce75789fba503121d4403e5c70922b40e
parent4ff8d615caf992a643abe7506f289c499de10d5c (diff)
bonding: drop traffic on backup interface for active-backup mode
For active-backup mode, we transmit on one and only one interface. However, we might still receive traffic on the backup interface. We should drop them and strictly process incoming traffic on only the active interface. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Idb6b798b30033e84044b151c616be3c157329731
-rw-r--r--src/vnet/bonding/node.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/src/vnet/bonding/node.c b/src/vnet/bonding/node.c
index 9f6579cda89..de720706822 100644
--- a/src/vnet/bonding/node.c
+++ b/src/vnet/bonding/node.c
@@ -28,6 +28,7 @@ bond_main_t bond_main;
#define foreach_bond_input_error \
_(NONE, "no error") \
_(IF_DOWN, "interface down") \
+ _(PASSIVE_IF, "traffic received on passive interface") \
_(PASS_THRU, "pass through (CDP, LLDP, slow protocols)")
typedef enum
@@ -158,10 +159,20 @@ bond_update_next (vlib_main_t * vm, vlib_node_runtime_t * node,
ASSERT (bif);
ASSERT (vec_len (bif->slaves));
- if (PREDICT_TRUE (bif->admin_up == 0))
+ if (PREDICT_FALSE (bif->admin_up == 0))
{
*bond_sw_if_index = slave_sw_if_index;
*error = node->errors[BOND_INPUT_ERROR_IF_DOWN];
+ return;
+ }
+
+ if (PREDICT_FALSE ((bif->mode == BOND_MODE_ACTIVE_BACKUP) &&
+ vec_len (bif->active_slaves) &&
+ (slave_sw_if_index != bif->active_slaves[0])))
+ {
+ *bond_sw_if_index = slave_sw_if_index;
+ *error = node->errors[BOND_INPUT_ERROR_PASSIVE_IF];
+ return;
}
*bond_sw_if_index = bif->sw_if_index;