When someone sends the attached packet to a switch, it generates an infinite loop of packet_ins in our production network. This is because this incoming tcp packet has nw_proto=6 and tcp port numbers of "0", but outgoing flow_mod has nw_proto of "0" and tcp port numbers of "0". So, the packet_out generates a new packet_in and this loop continues forever.
I see the following code in src/lib/flow.cc (both in NOX-Zaku and
SNAC). I believe this is what is causing the nw_proto to be "0" in the
flow_mod. I'm not sure who wrote that piece of code. This is not
handling corrupted packets well and rejecting this packet as a invalid
TCP packet. Does anyone see problems with removing the "else" clause?
if (nw_proto == ip_::proto::TCP) {
const tcp_header *tcp = pull_tcp(b);
if (tcp) {
tp_src = tcp->tcp_src;
tp_dst = tcp->tcp_dst;
} else {
/* Avoid tricking other code into thinking that
* this packet has an L4 header. */
nw_proto = 0;
}
}
FYI, pull_tcp is defined as below:
static const tcp_header * pull_tcp(Buffer& b)
{
if (const tcp_header *tcp = b.try_at<tcp_header>(0)) {
int tcp_len = TCP_OFFSET(tcp->tcp_ctl) * 4;
if (tcp_len >= sizeof *tcp) {
return reinterpret_cast<const tcp_header*>(b.try_pull(tcp_len));
}
}
return 0;
}
<<attachment: packet_with_bad_tcp_offset.PNG>>
_______________________________________________ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
