Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow IS-IS packets to pass unmolested #583

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

Allow IS-IS packets to pass unmolested #583

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions src/rust/lqos_sys/src/bpf/common/dissector.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -159,8 +159,8 @@ static __always_inline bool dissector_find_l3_offset(
return true;
}

// Fast return for ARP or non-802.3 ether types
if (eth_type == ETH_P_ARP || eth_type < ETH_P_802_3_MIN)
// Fast return for ARP or non-802.3 ether types (0xFEFE is IS-IS)
if (eth_type == ETH_P_ARP || eth_type < ETH_P_802_3_MIN || eth_type == 0xFEFE)
{
return false;
}
Expand Down
13 changes: 7 additions & 6 deletions src/rust/lqos_sys/src/bpf/common/dissector_tc.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,13 @@ static __always_inline bool tc_dissector_find_l3_offset(
__u32 offset = sizeof(struct ethhdr);
__u16 eth_type = bpf_ntohs(dissector->ethernet_header->h_proto);

// Fast return for ARP or non-802.3 ether types/
// 0xFEFE is the ethertype used to ISIS
if (eth_type == ETH_P_ARP || eth_type < ETH_P_802_3_MIN || eth_type == 0xFEFE)
{
return false;
}

// Fast return for unwrapped IP
if (eth_type == ETH_P_IP || eth_type == ETH_P_IPV6)
{
Expand All @@ -85,12 +92,6 @@ static __always_inline bool tc_dissector_find_l3_offset(
return true;
}

// Fast return for ARP or non-802.3 ether types
if (eth_type == ETH_P_ARP || eth_type < ETH_P_802_3_MIN)
{
return false;
}

// Walk the headers until we find IP
__u8 i = 0;
while (i < 10 && !is_ip(eth_type))
Expand Down
5 changes: 4 additions & 1 deletion src/rust/lqos_sys/src/bpf/lqos_kern.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ int xdp_prog(struct xdp_md *ctx)
bpf_debug("(XDP) Scan VLANs: %u %u", internet_vlan, isp_vlan);
#endif
// If the dissector is unable to figure out what's going on, bail
// out.
// out. This specifically permits non-IP packets to pass unmolested.
if (!dissector_new(ctx, &dissector)) return XDP_PASS;

// Note that this step rewrites the VLAN tag if redirection
Expand Down Expand Up @@ -308,6 +308,9 @@ int tc_iphash_to_cpu(struct __sk_buff *skb)
// we probably don't want to drop it - to ensure that IS-IS, ARP, STP
// and other packet types are still handled by the default queues.
struct tc_dissector_t dissector = {0};
// If the dissector returns false, return TC_ACT_OK to pass the packet
// unmolested/unshaped. This is designed to pass STP and similar non-IP
// traffic.
if (!tc_dissector_new(skb, &dissector)) return TC_ACT_OK;
if (!tc_dissector_find_l3_offset(&dissector)) return TC_ACT_OK;
if (!tc_dissector_find_ip_header(&dissector)) return TC_ACT_OK;
Expand Down
Loading