[Click] [Bug] patchless click misbehaving with recent Linux kernel vlan changes
Paul Pearce
pearce at cs.berkeley.edu
Tue Jan 15 16:15:22 EST 2013
Thanks for the response.
> It sounds like you are running at userlevel, and that you are using METHOD
> PCAP (which is the default in recent versions)? Do let us know if you
> discover more. You could also try METHOD LINUX, although this is slower than
> pcap I believe.
Yes I am at userlevel and was using METHOD PCAP.
I just tried using METHOD LINUX and the problem persists.
Summary: The problem is still not resolved by either the linux kernel
or libpcap, and although it's not directly a click problem, it does
impact packets generated by click.
Details:
-In Linux 3.0 and later RX packets had their vlan headers stripped and
added to the skb meta data (skb->vlan_tci). This created a bug where
libpcap was unable to perform any kernel based filtering based on
vlans.
-In Linux 3.8 a new BPF ancillary function will be introduced to give
BPF access to the skb->vlan_tci
-A RFC's patch on the libpcap mailing list gives libpcap the ability
to generate kernel packet filters that use skb->vlan_tci
-TX packets (**which is the category injected click packets fall
into**) do not have skb->vlan_tci set, which is the current sticking
point.
The current issue is the libpcap developers feel that TX packets
should have the same properties as RX packet. They feel that libpcap
should be able to generate a single filter that looks at
skb->vlan_tci. The linux kernel developers disagree and suggest that
libpcap generate filter code that checks skb->vlan_tci, and if that is
not set falls back to the old method of probing the headers. I do not
think I'm knowledgeable enough of either code base to comment on which
side is right. Although I will say I'm a bit confused about why TX
skb->vlan_tci isn't set.
And that's where the issue stands. Neither side is commenting on the
issue further, and no patches have been submitted. As far as I can
tell I'm the only one who has a vested interest in fixing this. =)
As a temporary workaround I discovered if I Tee all packets and send
them to a fake TUN interface (ToHost) and attach libpcap to that
interface, all packets have skb->vlan_tci set and the RFC's libpcap
patch works. So I've been using that as a stop-gap.
More information about the click
mailing list