aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/nat
diff options
context:
space:
mode:
authorJon Loeliger <jdl@netgate.com>2019-12-19 09:03:52 -0600
committerJohn Lo <loj@cisco.com>2019-12-19 19:44:54 +0000
commitb22e1f06bbebc48ec72ce8effa529e69ffbb12ca (patch)
treeeede5ef8299286c1b9362ea0325151225ebc9e01 /src/plugins/nat
parentb4f073cd44d308ec1b9d582f8e4ca2ee3c1bf9b6 (diff)
interface: Prevent bad inner-dot1q any exact-match configuration
Someone much more knowledgeable than I wrote: For L3 IP forwarding, any VLAN tags on a packet must be exact match to a sub-interface which means both outer and inner VLAN tag IDs must be exact-matched to specific values defined of that sub-interface. Without exact match on a L3 sub-interface, VPP has no mechanism to know what VLAN tags to use for packet output, such as ARP request packets or IP packets, on that sub-interface. Thus, sub-interface with "inner-dot1q any" is not an exact match sub-interface by definition since no match is present on inner tag. While in the area, fix a memory leak that would ensue on poorly configured interfaces. Change-Id: I8d17a96dbca3e3724c297ecc935ca61764e6ce2e Type: fix Signed-off-by: Jon Loeliger <jdl@netgate.com>
Diffstat (limited to 'src/plugins/nat')
0 files changed, 0 insertions, 0 deletions