    tunnel: drop packet if ECN present with not-ECT · eccc1bb8
    stephen hemminger authored
    Linux tunnels were written before RFC6040 and therefore never
    implemented the corner case of ECN getting set in the outer header
    and the inner header not being ready for it.
    
    Section 4.2.  Default Tunnel Egress Behaviour.
     o If the inner ECN field is Not-ECT, the decapsulator MUST NOT
          propagate any other ECN codepoint onwards.  This is because the
          inner Not-ECT marking is set by transports that rely on dropped
          packets as an indication of congestion and would not understand or
          respond to any other ECN codepoint [RFC4774].  Specifically:
    
          *  If the inner ECN field is Not-ECT and the outer ECN field is
             CE, the decapsulator MUST drop the packet.
    
          *  If the inner ECN field is Not-ECT and the outer ECN field is
             Not-ECT, ECT(0), or ECT(1), the decapsulator MUST forward the
             outgoing packet with the ECN field cleared to Not-ECT.
    
    This patch moves the ECN decap logic out of the individual tunnels
    into a common place.
    
    It also adds logging to allow detecting broken systems that
    set ECN bits incorrectly when tunneling (or an intermediate
    router might be changing the header).
    
    Overloads rx_frame_error to keep track of ECN-related errors.
    
    Thanks to Chris Wright who caught this while reviewing the new VXLAN
    tunnel.
    
    This code was tested by injecting faulty logic in other end GRE
    to send incorrectly encapsulated packets.
    Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
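The egress rules quoted from RFC 6040 Section 4.2, as an added stand-alone example that is not the kernel's code from this commit: it implements the full egress table of RFC 6040 (Figure 4), which goes beyond the inner-Not-ECT rows the commit message quotes, and returns an `anomaly` flag for the outer/inner combinations the RFC marks as unexpected, the kind of event the commit counts in rx_frame_error and logs. The enum, struct and function names are this example's own.

```c
#include <stdint.h>

/* ECN codepoints: the two low bits of the IPv4 TOS / IPv6 Traffic Class byte (RFC 3168). */
enum ecn { ECN_NOT_ECT = 0, ECN_ECT_1 = 1, ECN_ECT_0 = 2, ECN_CE = 3 };
#define ECN_MASK 0x03u

enum ecn_verdict { ECN_FORWARD = 0, ECN_FORWARD_CLEARED = 1, ECN_DROP = 2 };

struct ecn_result {
    enum ecn_verdict verdict;
    uint8_t tos;   /* inner TOS/TC byte to forward: DSCP kept, ECN field rewritten */
    int anomaly;   /* 1 if RFC 6040 flags the combination as unexpected: count/log it */
};

/* Default tunnel egress behaviour of RFC 6040 Section 4.2, applied to the
 * outer (encapsulating) and inner (encapsulated) TOS/TC bytes as received. */
static struct ecn_result ecn_decapsulate(uint8_t outer_tos, uint8_t inner_tos)
{
    uint8_t outer = outer_tos & ECN_MASK, inner = inner_tos & ECN_MASK;
    struct ecn_result r = { ECN_FORWARD, inner_tos, 0 };
    uint8_t out = inner;

    if (inner == ECN_NOT_ECT) {
        /* Inner transport relies on loss, not marks: never propagate a codepoint. */
        if (outer == ECN_CE) {             /* congestion signalled, but no one inside can act on it */
            r.verdict = ECN_DROP;
            r.anomaly = 1;
        } else if (outer != ECN_NOT_ECT) { /* ECT set by a broken encapsulator or middlebox */
            r.verdict = ECN_FORWARD_CLEARED;
            r.anomaly = 1;
        }
        out = ECN_NOT_ECT;
    } else if (inner == ECN_CE) {
        out = ECN_CE;                      /* already marked; stays marked */
        r.anomaly = (outer == ECN_ECT_1);  /* a correct encapsulator never yields ECT(1) over CE */
    } else {                               /* inner is ECT(0) or ECT(1) */
        if (outer == ECN_CE)
            out = ECN_CE;                  /* propagate the congestion mark inward */
        else if (outer == ECN_ECT_1)
            out = ECN_ECT_1;
        else if (outer == ECN_ECT_0 && inner == ECN_ECT_1)
            r.anomaly = 1;                 /* ECT(1) inside ECT(0) is unexpected */
    }
    r.tos = (uint8_t)((inner_tos & ~ECN_MASK) | out);
    return r;
}
```

A constructed call such as `ecn_decapsulate(0x03, 0xb8)` (outer CE over an inner DSCP EF, Not-ECT packet) yields the drop verdict the commit introduces, with the anomaly flag set.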