git.baikalelectronics.ru Git - kernel.git/commit

author	Zang MingJie <zealot0630@gmail.com>
	Mon, 4 Mar 2013 06:07:34 +0000 (06:07 +0000)
committer	David S. Miller <davem@davemloft.net>
	Wed, 6 Mar 2013 07:47:05 +0000 (02:47 -0500)
commit	f38324142a1c4b724a47286c445bfdd604a25411
tree	24343cc232a0fdd1b343e0a45cdd453f981496f7	tree \| snapshot
parent	04de2a7aed0df5db0c8b0374251e9fa555ff3f28	commit \| diff

reset nf before xmit vxlan encapsulated packet

We should reset nf settings bond to the skb as ipip/ipgre do.

If not, the conntrack/nat info bond to the origin packet may continually
redirect the packet to vxlan interface causing a routing loop.

this is the scenario:

     VETP     VXLAN Gateway
    /----\  /---------------\
    |    |  |               |
    |  vx+--+vx --NAT-> eth0+--> Internet
    |    |  |               |
    \----/  \---------------/

when there are any packet coming from internet to the vetp, there will be lots
of garbage packets coming out the gateway's vxlan interface, but none actually
sent to the physical interface, because they are redirected back to the vxlan
interface in the postrouting chain of NAT rule, and dmesg complains:

    Mar  1 21:52:53 debian kernel: [ 8802.997699] Dead loop on virtual device vxlan0, fix it urgently!
    Mar  1 21:52:54 debian kernel: [ 8804.004907] Dead loop on virtual device vxlan0, fix it urgently!
    Mar  1 21:52:55 debian kernel: [ 8805.012189] Dead loop on virtual device vxlan0, fix it urgently!
    Mar  1 21:52:56 debian kernel: [ 8806.020593] Dead loop on virtual device vxlan0, fix it urgently!

the patch should fix the problem

Signed-off-by: Zang MingJie <zealot0630@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>