890 – lib/ip_frag: IPv4 options without copied bit set are present in all fragments

Bug 890 - lib/ip_frag: IPv4 options without copied bit set are present in all fragments

Summary: lib/ip_frag: IPv4 options without copied bit set are present in all fragments

Status:	UNCONFIRMED

Alias:	None

Product:	DPDK
Classification:	Unclassified
Component:	other (show other bugs)
Version:	21.11
Hardware:	All All

Importance:	Normal minor
Target Milestone:	---
Assignee:	dev

URL:

Depends on:
Blocks:

Reported:	2021-11-26 13:03 CET by Dariusz Sosnowski
Modified:	2021-11-26 14:20 CET (History)
CC List:	1 user (show)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Dariusz Sosnowski 2021-11-26 13:03:51 CET

As of 21.11-rc4 ip_fragmentation library implementation for IPv4 seems to ignore "copied" bit of IPv4 options. IPv4 options are copied over to all fragments regardless of "copied" bit set to 0.

Setup assumptions:

1) Two machines:
1.1) Machine A, with two ports, running dpdk-ip_fragmentation example application.
1.2) Machine B, with two ports, running scapy. Acts as a traffic generator.

Steps to reproduce:

1) Start examples/dpdk-ip_fragmentation application on machine A:

```
sudo ./build/examples/dpdk-ip_fragmentation -a 08:00.0 -a 08:00.1 -- -p 0x3 -q 1
```

2) Start sniffing for traffic using scapy on machine B:
3) Using scapy send a following packet, IP packet with additional NOP option with copy flag set to 0, from machine B:

```
packet = (
    Ether(src='0c:42:a1:d1:d1:8c', dst='0c:42:a1:d1:d0:48') /
    IP(src='100.10.0.1', dst='100.20.0.1', options=[IPOption(option=1, copy_flag=0), IPOption(option=0, copy_flag=0)]) /
    UDP(sport=55555, dport=12345) /
    Raw(load=b'a' * 2000)
)
```

What should happen:

1) Machine B should receive two IP fragments:
1.1) 1st fragment with IP options present.
1.2) 2nd fragment without IP options.

What actually happens:

1) Machine B receives two IP fragments with IP options present.

Comment 1 David Marchand 2021-11-26 13:25:55 CET

Can you clarify, is this a regression in 21.11 when compared to previous versions?

There was a proposal for handling IPv4 options, see: https://patchwork.dpdk.org/project/dpdk/patch/1637743626-70632-1-git-send-email-chcchc88@163.com/

Comment 2 Dariusz Sosnowski 2021-11-26 14:15:40 CET

No, this behaviour exists in previous versions as well.

From what I see, before 21.05 the IPv4 options were never copied. http://patches.dpdk.org/project/dpdk/patch/tencent_8FA596830F4F89E9E2169503B40DF0FF0307@qq.com/ introduced copying options to each fragment to 21.05.

I quickly went through the patch you mentioned and it is a step in the right direction and should fix the issue. However, with this patch, IPv4 options not meant to be copied will be substituted by NOOP option and in effect this reduces maximum datagram size for the following fragments. I am not sure if this is desirable in this case.

Comment 3 David Marchand 2021-11-26 14:20:37 CET

Please share your concerns on the mailing list by replying to this patch.

Note You need to log in before you can comment on or make changes to this bug.