tnl-ports: Add destination IP and MAC address to the match.

Currently tnl-port table wildcard destination ip and mac addresses for given tunnel packet. That could result accepting tunnel packets destined for other hosts. Following patch adds support for matching for ip and mac address. IP address upates to tnl-port table are piggybacked on ovs-router updates. Reported-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2025-08-31 06:15:47 +00:00 · 2015-09-03 00:42:34 -07:00
parent c02819293d
commit 7f9b850474
5 changed files with 286 additions and 43 deletions
--- a/lib/dpif-netdev.c
+++ b/lib/dpif-netdev.c
@@ -65,6 +65,7 @@
 #include "sset.h"
 #include "timeval.h"
 #include "tnl-arp-cache.h"
+#include "tnl-ports.h"
 #include "unixctl.h"
 #include "util.h"
 #include "openvswitch/vlog.h"
@@ -2549,6 +2550,7 @@ dpif_netdev_run(struct dpif *dpif)
    dp_netdev_pmd_unref(non_pmd);

    tnl_arp_cache_run();
+    tnl_port_map_run();
    new_tnl_seq = seq_read(tnl_conf_seq);

    if (dp->last_tnl_conf_seq != new_tnl_seq) {