• Antoine Tenart's avatar
    vxlan: do not modify the shared tunnel info when PMTU triggers an ICMP reply · 30a93d2b
    Antoine Tenart authored
    When the interface is part of a bridge or an Open vSwitch port and a
    packet exceed a PMTU estimate, an ICMP reply is sent to the sender. When
    using the external mode (collect metadata) the source and destination
    addresses are reversed, so that Open vSwitch can match the packet
    against an existing (reverse) flow.
    
    But inverting the source and destination addresses in the shared
    ip_tunnel_info will make following packets of the flow to use a wrong
    destination address (packets will be tunnelled to itself), if the flow
    isn't updated. Which happens with Open vSwitch, until the flow times
    out.
    
    Fixes this by uncloning the skb's ip_tunnel_info before inverting its
    source and destination addresses, so that the modification will only be
    made for the PTMU packet, not the following ones.
    
    Fixes: fc68c995 ("vxlan: Support for PMTU discovery on directly bridged links")
    Tested-by: default avatarEelco Chaudron <echaudro@redhat.com>
    Reviewed-by: default avatarEelco Chaudron <echaudro@redhat.com>
    Signed-off-by: default avatarAntoine Tenart <atenart@kernel.org>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    30a93d2b
vxlan.c 121 KB