return 1;
}
+// Compare two ethernet macs. Return 1 if they are the same, 0 if different
+always_inline u32
+eth_mac_equal (u8 * mac1, u8 * mac2) {
+ return (*((u32 *)(mac1+0)) == *((u32 *)(mac2+0)) &&
+ *((u32 *)(mac1+2)) == *((u32 *)(mac2+2)));
+}
+
+
always_inline ethernet_main_t *
vnet_get_ethernet_main (void)
{
} ethernet_input_variant_t;
-// Compare two ethernet macs. Return 1 if they are the same, 0 if different
-static_always_inline u32
-eth_mac_equal (u8 * mac1, u8 * mac2) {
- return (*((u32 *)(mac1+0)) == *((u32 *)(mac2+0)) &&
- *((u32 *)(mac1+2)) == *((u32 *)(mac2+2)));
-}
-
-
// Parse the ethernet header to extract vlan tags and innermost ethertype
static_always_inline void
parse_header (ethernet_input_variant_t variant,
#include <vnet/l2/l2_input.h>
#define TO_BVI_ERR_OK 0
-#define TO_BVI_ERR_TAGGED 1
+#define TO_BVI_ERR_BAD_MAC 1
#define TO_BVI_ERR_ETHERTYPE 2
// Send a packet from L2 processing to L3 via the BVI interface.
u8 l2_len;
u16 ethertype;
u8 * l3h;
+ ethernet_header_t * e0;
+ vnet_hw_interface_t * hi;
+
+ e0 = vlib_buffer_get_current (b0);
+ hi = vnet_get_sup_hw_interface (vnet_main, bvi_sw_if_index);
+
+ // Perform L3 my-mac filter
+ if ((!ethernet_address_cast(e0->dst_address)) &&
+ (!eth_mac_equal((u8 *)e0, hi->hw_address))) {
+ return TO_BVI_ERR_BAD_MAC;
+ }
// Save L2 header position which may be changed due to packet replication
vnet_buffer (b0)->ethernet.start_of_ethernet_header = b0->current_data;
_(L2FLOOD, "L2 flood packets") \
_(REPL_FAIL, "L2 replication failures") \
_(NO_MEMBERS, "L2 replication complete") \
-_(BVI_TAGGED, "BVI packet with vlan tag") \
+_(BVI_BAD_MAC, "BVI L3 mac mismatch") \
_(BVI_ETHERTYPE, "BVI packet with unhandled ethertype")
typedef enum {
next0);
if (PREDICT_FALSE(rc)) {
- if (rc == TO_BVI_ERR_TAGGED) {
- b0->error = node->errors[L2FLOOD_ERROR_BVI_TAGGED];
+ if (rc == TO_BVI_ERR_BAD_MAC) {
+ b0->error = node->errors[L2FLOOD_ERROR_BVI_BAD_MAC];
*next0 = L2FLOOD_NEXT_DROP;
} else if (rc == TO_BVI_ERR_ETHERTYPE) {
b0->error = node->errors[L2FLOOD_ERROR_BVI_ETHERTYPE];
_(L2FWD, "L2 forward packets") \
_(FLOOD, "L2 forward misses") \
_(HIT, "L2 forward hits") \
-_(BVI_TAGGED, "BVI packet with vlan tag") \
+_(BVI_BAD_MAC, "BVI L3 MAC mismatch") \
_(BVI_ETHERTYPE, "BVI packet with unhandled ethertype") \
_(FILTER_DROP, "Filter Mac Drop") \
_(REFLECT_DROP, "Reflection Drop")
next0);
if (PREDICT_FALSE(rc)) {
- if (rc == TO_BVI_ERR_TAGGED) {
- b0->error = node->errors[L2FWD_ERROR_BVI_TAGGED];
+ if (rc == TO_BVI_ERR_BAD_MAC) {
+ b0->error = node->errors[L2FWD_ERROR_BVI_BAD_MAC];
*next0 = L2FWD_NEXT_DROP;
} else if (rc == TO_BVI_ERR_ETHERTYPE) {
b0->error = node->errors[L2FWD_ERROR_BVI_ETHERTYPE];
Code Review / vpp.git / commitdiff