Age | Commit message (Collapse) | Author | Files | Lines |
|
ICMP error messages are translated to ICMPv6 error messages with
erroneous destination address in the outer IPv6 header because sender
port is used instead of receiver port.
Both source and destination addresses in the inner IPv6 header are
translated erroneously because source and destination addresses of the
inner IPv4 header are getting zeroed during the translation.
With this commit, use receiver port for translation and save addresses
of the inner IPv4 header before translation of the inner header.
Type: fix
Change-Id: I1e93d54c1bbc154b401adcbb0fb661299655d01a
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
type should be used to get ICMP type instead of code.
Type: fix
Signed-off-by: Vladimir Isaev <visaev@netgate.com>
Change-Id: Iabf4ae38befde18309caff8efd9e1d956a2fde82
|
|
With this commit, forward the translated packet directly to the
specified next-hop if pre-resolve param is enabled in MAP-T.
Type: fix
Change-Id: Ie26080c7820318c7982599577a4af6e4d01a0574
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
With this commit, ICMP Time Exceeded is sent to sender when TTL
expires at MAP BR.
Type: fix
Change-Id: I8effe163beab32596883127b819308cc355512c3
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
When MTU is not set, ignore_df and mtu check
always returns true and packets are dropped.
This patch puts MTU checks after it was
compared with 0 and set to maximum if not set.
Added trace node.
If MTU is less than the total length value of
the IPv4 packet plus 20, the translator MUST
send an ICMPv4 "Fragmentation Needed" error message
to the IPv4 source address
Type: fix
Fixes: 87663cdf644fb7c94c0fec9460829b7e4e7c35ca
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: I35b99bc2648984cdbf5b6a57ddec91c586b15bef
|
|
ip4_is_fragment(header)
or ip4_is_first_fragment(header) didn't changed
when packet with fragmentation needed arrives.
This patch checks DF flag and MTU with packet
length and if DF is set and length > MTU, packet
is dropped. In case if ignore_df is set, DF flag
makes no sense.
Type: fix
Fixes: d6d50cebde647f9a5ee7251a7fef977506f315d7
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: I720e25167c19a0b13ac5fdfb41b12c0bbdc00d09
|
|
Remove NAT's implementation of shallow virtual reassembly with
corresponding CLIs, APIs & tests. Replace with standalone shallow
virtual reassembly provided by ipX-sv-reass* nodes.
Type: refactor
Change-Id: I7e6c7487a5a500d591f6871474a359e0993e59b6
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
This provides a functional interface to IP fragmentation.
Allowing external features to fragment. Supports
arbitrary encap size, for e.g. MPLS or inner fragmentation
of tunnels.
This also removed dual loop in MAP that was fundamentally broken.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ia89ecec8ee3cbe2416edbe87630fdb714898c2a8
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
This patch allows ip4-map-t plugin to drop
packets if DF flag is set and packet size
is bigger than MTU
Type: fix
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: I0c1531a1f876d9efc8e7e2bff9804f298becdb68
|
|
This change is part of an effort to unify reassembly code. By removing
shallow virtual reassembly functionality in MAP and using the common
vnet provided shallow virtual reassembly, code size and complexity
is reduced.
Type: refactor
Change-Id: Iec8edd039f7b967b53e17bb9bca228a8b452ac0c
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I25c86aea23dff19656449b23133db27b1f062ac0
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I3c77cadaa7b677073af00407f368bd48d703fdac
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
This reverts commit 0ae15ed43aaa600a75ca4c154bc62478820c00b4.
Re-add MAP CE support later. This patch polluted the code
with too many if (ce) ...
Change-Id: Ia0ffd6fdb452aa5d30abec57772c17fc16fb0dbd
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
And more unit-tests.
Change-Id: I4667d82d928b7ba8d96b5a5648d464115b3ed216
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
- Error where ICMPv6 error code doesn't reset VLIB_TX = -1
Leading to crash for ICMP generated on tunnelled packets
- Missed setting VNET_BUFFER_F_LOCALLY_ORIGINATED, so
IP in IPv6 packets never got fragmented.
- Add support for fragmentation of buffer chains.
- Remove support for inner fragmentation in frag code itself.
Change-Id: If9a97301b7e35ca97ffa5c0fada2b9e7e7dbfb27
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
It is cheaper to get thread index from vlib_main_t if available...
Change-Id: I4582e160d06d9d7fccdc54271912f0635da79b50
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Only remaining traces of MAP in the src/vnet is now in buffer.h.
Awaiting a new buffer opaque API (hint, hint).
Change-Id: Ie165561484731f1d7ed6e0f604b43624e06db3f0
Signed-off-by: Ole Troan <ot@cisco.com>
|