Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Forwarding more packets then sending #1071

Open
Enneking666 opened this issue Oct 25, 2024 · 0 comments
Open

Forwarding more packets then sending #1071

Enneking666 opened this issue Oct 25, 2024 · 0 comments

Comments

@Enneking666
Copy link

Hello,
i have a problem with my forwarding in kernel space using aya ebpf and tokio and thought maybe someone here knows why this happens.
for the ebpf program i use a simple stream_verdict to forward to another hashmap entry

#![no_std]
#![no_main]

use aya_ebpf::{
    macros::{map, stream_verdict},
    maps::SockHash,
    programs::SkBuffContext,
};
use aya_forwarder_common::SocketKey;
use aya_log_ebpf::info;

#[map(name = "INTERCEPT_EGRESS")]
static mut INTERCEPT_EGRESS: SockHash<SocketKey> = SockHash::with_max_entries(8, 0);

#[stream_verdict]
pub fn aya_forwarder(ctx: SkBuffContext) -> u32 {
    let mut key = SocketKey {
        ip: u32::from_be(ctx.skb.remote_ipv4()),
        port: u32::from_be(ctx.skb.remote_port()),
    };
    unsafe { INTERCEPT_EGRESS.redirect_skb(&ctx, &mut key, 0) as u32 }
}


#[cfg(not(test))]
#[panic_handler]
fn panic(_info: &core::panic::PanicInfo) -> ! {
    loop {}
}

i then create the entries like this

   
        self.sock_hash
            .insert(
                Self::create_key(&egress_stream),
                ingress_stream.as_raw_fd(),
                0,
            )
            .unwrap();

        println!("set egress hash entry");
        self.sock_hash
            .insert(
                Self::create_key(&ingress_stream),
                egress_stream.as_raw_fd(),
                0,
            )
            .unwrap();

i can show more of the connecting and accepting code to create the streams but that is very basic so for brevity only on request.
then for writing i use a simple write_all call on a Vec
for reading i use the TcpStream read function with a [u8; 65535] buffer.

this is just a testing program and all addresses are on local host with different ports for the client, server and the proxy.
This works completely fine and as expected.
But for big data. (>~ 50mb) i read more then the send bytes to the server stream.
eg when sending 50 mb i will receive 50 mb in the kernel program but on the listener on the egress i will receive usually some thousand bytes more than that so eg 50,001,245 byte.
As already described the kernel receives the correct amount so it must happen somewhere from the hashmap redirect_skb to the TcpStream read();
if you need i can certainly provide more of the code
@Enneking666 Enneking666 changed the title Forwarding more packets then receiving Forwarding more packets then sending Oct 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Enneking666