From 54eda4bcb80cfbaee16b26fad521d6ead5e0a518 Mon Sep 17 00:00:00 2001 From: Alexander Chernavin Date: Tue, 14 Jan 2020 06:11:42 -0500 Subject: [PATCH] nat: fix dhcp client on outside interface with output feature There was an attempt to fix this problem in the commit: d3b8c861a44e70c197ab721fa3ce7f38bbeab7fd But checking the LOCALLY_ORIGINATED flag didn't work because this flag gets reset before it can reach the NAT nodes. With this commit, replace the check for the LOCALLY_ORIGINATED flag with a check to see if the packet is a DHCP broadcast. Type: fix Change-Id: I069c08a785b5988b10192f528e4f9c4c7cc2f8a3 Signed-off-by: Alexander Chernavin --- src/plugins/nat/in2out.c | 18 +++++++++--------- src/plugins/nat/in2out_ed.c | 18 +++++++++--------- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/src/plugins/nat/in2out.c b/src/plugins/nat/in2out.c index 8d6f124f51b..7b712523f29 100755 --- a/src/plugins/nat/in2out.c +++ b/src/plugins/nat/in2out.c @@ -1043,11 +1043,11 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, * be able to use dhcp client on the outside interface */ if (PREDICT_FALSE - ((b0->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED) - && proto0 == SNAT_PROTOCOL_UDP + (proto0 == SNAT_PROTOCOL_UDP && (vnet_buffer (b0)->ip.reass.l4_dst_port == clib_host_to_net_u16 - (UDP_DST_PORT_dhcp_to_server)))) + (UDP_DST_PORT_dhcp_to_server)) + && ip0->dst_address.as_u32 == 0xffffffff)) goto trace00; } else @@ -1251,11 +1251,11 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, * be able to use dhcp client on the outside interface */ if (PREDICT_FALSE - ((b1->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED) - && proto1 == SNAT_PROTOCOL_UDP + (proto1 == SNAT_PROTOCOL_UDP && (vnet_buffer (b1)->ip.reass.l4_dst_port == clib_host_to_net_u16 - (UDP_DST_PORT_dhcp_to_server)))) + (UDP_DST_PORT_dhcp_to_server)) + && ip1->dst_address.as_u32 == 0xffffffff)) goto trace01; } else @@ -1492,11 +1492,11 @@ snat_in2out_node_fn_inline (vlib_main_t * vm, * be able to use dhcp client on the outside interface */ if (PREDICT_FALSE - ((b0->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED) - && proto0 == SNAT_PROTOCOL_UDP + (proto0 == SNAT_PROTOCOL_UDP && (vnet_buffer (b0)->ip.reass.l4_dst_port == clib_host_to_net_u16 - (UDP_DST_PORT_dhcp_to_server)))) + (UDP_DST_PORT_dhcp_to_server)) + && ip0->dst_address.as_u32 == 0xffffffff)) goto trace0; } else diff --git a/src/plugins/nat/in2out_ed.c b/src/plugins/nat/in2out_ed.c index ebcd29852bb..e52411094c2 100644 --- a/src/plugins/nat/in2out_ed.c +++ b/src/plugins/nat/in2out_ed.c @@ -1001,11 +1001,11 @@ nat44_ed_in2out_node_fn_inline (vlib_main_t * vm, * be able to use dhcp client on the outside interface */ if (PREDICT_FALSE - ((b0->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED) - && proto0 == SNAT_PROTOCOL_UDP + (proto0 == SNAT_PROTOCOL_UDP && (vnet_buffer (b0)->ip.reass.l4_dst_port == clib_host_to_net_u16 - (UDP_DST_PORT_dhcp_to_server)))) + (UDP_DST_PORT_dhcp_to_server)) + && ip0->dst_address.as_u32 == 0xffffffff)) goto trace00; } else @@ -1245,11 +1245,11 @@ nat44_ed_in2out_node_fn_inline (vlib_main_t * vm, * be able to use dhcp client on the outside interface */ if (PREDICT_FALSE - ((b1->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED) - && proto1 == SNAT_PROTOCOL_UDP + (proto1 == SNAT_PROTOCOL_UDP && (vnet_buffer (b1)->ip.reass.l4_dst_port == clib_host_to_net_u16 - (UDP_DST_PORT_dhcp_to_server)))) + (UDP_DST_PORT_dhcp_to_server)) + && ip1->dst_address.as_u32 == 0xffffffff)) goto trace01; } else @@ -1538,11 +1538,11 @@ nat44_ed_in2out_node_fn_inline (vlib_main_t * vm, * be able to use dhcp client on the outside interface */ if (PREDICT_FALSE - ((b0->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED) - && proto0 == SNAT_PROTOCOL_UDP + (proto0 == SNAT_PROTOCOL_UDP && (vnet_buffer (b0)->ip.reass.l4_dst_port == clib_host_to_net_u16 - (UDP_DST_PORT_dhcp_to_server)))) + (UDP_DST_PORT_dhcp_to_server)) + && ip0->dst_address.as_u32 == 0xffffffff)) goto trace0; } else -- 2.16.6