From: Alexander Chernavin <achernavin@netgate.com>
Date: Thu, 23 Jan 2020 13:09:40 +0000 (-0500)
Subject: map: handle ip4 ttl=1 packets in map-t
X-Git-Tag: v20.09-rc0~697
X-Git-Url: https://gerrit.fd.io/r/gitweb?p=vpp.git;a=commitdiff_plain;h=56817e2c486a26167783676774b0dea9c103b200

map: handle ip4 ttl=1 packets in map-t

With this commit, ICMP Time Exceeded is sent to sender when TTL
expires at MAP BR.

Type: fix

Change-Id: I8effe163beab32596883127b819308cc355512c3
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
---

diff --git a/src/plugins/map/ip4_map_t.c b/src/plugins/map/ip4_map_t.c
index d243a45cd41..bb5aa451bc5 100644
--- a/src/plugins/map/ip4_map_t.c
+++ b/src/plugins/map/ip4_map_t.c
@@ -578,6 +578,16 @@ ip4_map_t (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
 
 	  dst_port0 = -1;
 
+	  if (PREDICT_FALSE (ip40->ttl == 1))
+	    {
+	      icmp4_error_set_vnet_buffer (p0, ICMP4_time_exceeded,
+					   ICMP4_time_exceeded_ttl_exceeded_in_transit,
+					   0);
+	      p0->error = error_node->errors[MAP_ERROR_TIME_EXCEEDED];
+	      next0 = IP4_MAPT_NEXT_ICMP_ERROR;
+	      goto trace;
+	    }
+
 	  bool df0 =
 	    ip40->flags_and_fragment_offset &
 	    clib_host_to_net_u16 (IP4_HEADER_FLAG_DONT_FRAGMENT);
diff --git a/src/plugins/map/map.h b/src/plugins/map/map.h
index 9581bd50fac..1f51a59aa2e 100644
--- a/src/plugins/map/map.h
+++ b/src/plugins/map/map.h
@@ -225,7 +225,8 @@ typedef struct
  _(FRAGMENT_MALFORMED, "fragment has unexpected format")\
  _(FRAGMENT_DROPPED, "dropped cached fragment")         \
  _(MALFORMED, "malformed packet")			\
- _(DF_SET, "can't fragment, DF set")
+ _(DF_SET, "can't fragment, DF set")			\
+ _(TIME_EXCEEDED, "time exceeded")			\
 
 typedef enum
 {
diff --git a/src/plugins/map/test/test_map.py b/src/plugins/map/test/test_map.py
index 03913ce1466..845d1d34bef 100644
--- a/src/plugins/map/test/test_map.py
+++ b/src/plugins/map/test/test_map.py
@@ -543,7 +543,7 @@ class TestMAP(VppTestCase):
         for p in rx:
             self.validate(p[1], p4_translated)
 
-        # IPv4 TTL
+        # IPv4 TTL=0
         ip4_ttl_expired = IP(src=self.pg0.remote_ip4, dst='192.168.0.1', ttl=0)
         p4 = (p_ether / ip4_ttl_expired / payload)
 
@@ -557,20 +557,19 @@ class TestMAP(VppTestCase):
         for p in rx:
             self.validate(p[1], icmp4_reply)
 
-        '''
-        This one is broken, cause it would require hairpinning...
-        # IPv4 TTL TTL1
+        # IPv4 TTL=1
         ip4_ttl_expired = IP(src=self.pg0.remote_ip4, dst='192.168.0.1', ttl=1)
         p4 = (p_ether / ip4_ttl_expired / payload)
 
-        icmp4_reply = IP(id=0, ttl=254, src=self.pg0.local_ip4,
-        dst=self.pg0.remote_ip4) / \
-        ICMP(type='time-exceeded', code='ttl-zero-during-transit' ) / \
-        IP(src=self.pg0.remote_ip4, dst='192.168.0.1', ttl=0) / payload
+        icmp4_reply = (IP(id=0, ttl=254, src=self.pg0.local_ip4,
+                          dst=self.pg0.remote_ip4) /
+                       ICMP(type='time-exceeded',
+                            code='ttl-zero-during-transit') /
+                       IP(src=self.pg0.remote_ip4,
+                          dst='192.168.0.1', ttl=1) / payload)
         rx = self.send_and_expect(self.pg0, p4*1, self.pg0)
         for p in rx:
             self.validate(p[1], icmp4_reply)
-        '''
 
         # IPv6 Hop limit
         ip6_hlim_expired = IPv6(hlim=0, src='2001:db8:1ab::c0a8:1:ab',