diff options
author | Pierre Pfister <ppfister@cisco.com> | 2016-06-22 12:54:48 +0100 |
---|---|---|
committer | Chris Luke <chris_luke@comcast.com> | 2016-06-24 12:55:22 +0000 |
commit | 80ee21386cea217d0e9292d2a8b15ea88bf99d30 (patch) | |
tree | 69938e625f969b7d9c8352cdceb7430fa6ac2367 /vnet/vnet/l2tp/decap.c | |
parent | de393bb76d8c221e1145f62070f51a9ca4191f9f (diff) |
Add admin-up flag to L2TP tunnels and start tunnels set to down
L2TP tunnels use virtual interfaces but directly send
packets to l2-input node (not ethernet-input).
This node requires a bridge-domain to be associated with
the interface.
Past code was immediatly turning the interface up, but
some packets could be sent to l2-input without bridge domain
between interface creation and association with a bridge domain.
The tunnel is now created as down and has to be set up later
(typically after being associated with a bridge-domain).
Another option would have been to change the api and enforce
a bridge-domain to be specified before the tunnel, but this
is less flexible for the user.
Change-Id: I26d1f36bb4f327d9fa1c8044023f2210c4117904
Signed-off-by: Pierre Pfister <ppfister@cisco.com>
Diffstat (limited to 'vnet/vnet/l2tp/decap.c')
-rw-r--r-- | vnet/vnet/l2tp/decap.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/vnet/vnet/l2tp/decap.c b/vnet/vnet/l2tp/decap.c index 54400281890..68b7fabe76d 100644 --- a/vnet/vnet/l2tp/decap.c +++ b/vnet/vnet/l2tp/decap.c @@ -27,7 +27,8 @@ _(USER_TO_NETWORK, "L2TP user (ip6) to L2 network pkts") \ _(SESSION_ID_MISMATCH, "l2tpv3 local session id mismatches") \ _(COOKIE_MISMATCH, "l2tpv3 local cookie mismatches") \ -_(NO_SESSION, "l2tpv3 session not found") +_(NO_SESSION, "l2tpv3 session not found") \ +_(ADMIN_DOWN, "l2tpv3 tunnel is down") static char * l2t_decap_error_strings[] = { #define _(sym,string) string, @@ -169,6 +170,12 @@ static inline u32 last_stage (vlib_main_t *vm, vlib_node_runtime_t *node, vnet_buffer(b)->sw_if_index[VLIB_RX] = session->sw_if_index; + if (PREDICT_FALSE(!(session->admin_up))) { + b->error = node->errors[L2T_DECAP_ERROR_ADMIN_DOWN]; + next_index = L2T_DECAP_NEXT_DROP; + goto done; + } + /* strip the ip6 and L2TP header */ vlib_buffer_advance (b, sizeof (*ip6) + session->l2tp_hdr_size); |