1
linux/net
Hans Schillstrom 714f095f74 ipvs: IPv6 tunnel mode
IPv6 encapsulation uses a bad source address for the tunnel.
i.e. VIP will be used as local-addr and encap. dst addr.
Decapsulation will not accept this.

Example
LVS (eth1 2003::2:0:1/96, VIP 2003::2:0:100)
   (eth0 2003::1:0:1/96)
RS  (ethX 2003::1:0:5/96)

tcpdump
2003::2:0:100 > 2003::1:0:5: IP6 (hlim 63, next-header TCP (6) payload length: 40)  2003::3:0:10.50991 > 2003::2:0:100.http: Flags [S], cksum 0x7312 (correct), seq 3006460279, win 5760, options [mss 1440,sackOK,TS val 1904932 ecr 0,nop,wscale 3], length 0

In Linux IPv6 impl. you can't have a tunnel with an any cast address
receiving packets (I have not tried to interpret RFC 2473)
To have receive capabilities the tunnel must have:
 - Local address set as multicast addr or an unicast addr
 - Remote address set as an unicast addr.
 - Loop back addres or Link local address are not allowed.

This causes us to setup a tunnel in the Real Server with the
LVS as the remote address, here you can't use the VIP address since it's
used inside the tunnel.

Solution
Use outgoing interface IPv6 address (match against the destination).
i.e. use ip6_route_output() to look up the route cache and
then use ipv6_dev_get_saddr(...) to set the source address of the
encapsulated packet.

Additionally, cache the results in new destination
fields: dst_cookie and dst_saddr and properly check the
returned dst from ip6_route_output. We now add xfrm_lookup
call only for the tunneling method where the source address
is a local one.

Signed-off-by:Hans Schillstrom <hans.schillstrom@ericsson.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-10-19 10:38:48 +02:00
..
9p net/9p/trans_fd.c: Fix unsigned return type 2010-09-06 18:48:42 -07:00
802 Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-04-11 14:53:53 -07:00
8021q vlan: Use vlan_dev_real_dev in vlan_hwaccel_do_receive 2010-08-31 13:37:05 -07:00
appletalk Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-04-11 14:53:53 -07:00
atm atm: remove a net_device_stats clear 2010-08-19 00:14:36 -07:00
ax25 Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-09-09 22:27:33 -07:00
bluetooth net: poll() optimizations 2010-09-06 18:48:45 -07:00
bridge Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-09-09 22:27:33 -07:00
caif Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-09-09 22:27:33 -07:00
can net: simplify flags for tx timestamping 2010-08-19 00:08:30 -07:00
core flow: better memory management 2010-09-13 20:02:50 -07:00
dcb include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
dccp dccp ccid-3: use per-route RTO or TCP RTO as fallback 2010-08-30 13:45:28 -07:00
decnet net/decnet: Adjust confusing if indentation 2010-08-16 21:06:30 -07:00
dns_resolver DNS: If the DNS server returns an error, allow that to be cached [ver #2] 2010-08-11 17:11:28 +00:00
dsa phylib: available for any speed ethernet 2010-08-11 23:03:50 -07:00
econet econet: kill unnecessary spin_lock_init() 2010-08-28 15:37:03 -07:00
ethernet net: use scnprintf() to avoid potential buffer overflow 2010-08-26 14:11:49 -07:00
ieee802154 ieee802154: Fix possible NULL pointer dereference in wpan_phy_alloc 2010-05-23 23:11:07 -07:00
ipv4 netfilter: fix kconfig unmet dependency warning 2010-10-18 11:13:30 +02:00
ipv6 netfilter: fix kconfig unmet dependency warning 2010-10-18 11:13:30 +02:00
ipx include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
irda Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-09-09 22:27:33 -07:00
iucv net: use __packed annotation 2010-06-03 03:21:52 -07:00
key pfkey: add severity to printk 2010-05-17 23:23:13 -07:00
l2tp Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-09-09 22:27:33 -07:00
lapb include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
llc Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-05-12 00:05:35 -07:00
mac80211 Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-09-09 22:27:33 -07:00
netfilter ipvs: IPv6 tunnel mode 2010-10-19 10:38:48 +02:00
netlabel net: Remove unnecessary returns from void function()s 2010-05-17 23:23:14 -07:00
netlink netlink: Make NETLINK_USERSOCK work again. 2010-08-31 09:51:37 -07:00
netrom net: sk_sleep() helper 2010-04-20 16:37:13 -07:00
packet net: simplify flags for tx timestamping 2010-08-19 00:08:30 -07:00
phonet Phonet: do not set POLLOUT in case of send buffer overflow 2010-08-31 13:04:33 -07:00
rds RDS: Implement masked atomic operations 2010-09-08 18:16:51 -07:00
rfkill Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-04-11 14:53:53 -07:00
rose net/rose: Use GFP_ATOMIC 2010-08-01 00:32:12 -07:00
rxrpc Add a dummy printk function for the maintenance of unused printks 2010-08-12 09:51:35 -07:00
sched netfilter: xtables: resolve indirect macros 3/3 2010-10-13 18:00:46 +02:00
sctp Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-09-09 22:27:33 -07:00
sunrpc Merge branch 'bugfixes' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6 2010-08-18 15:45:23 -07:00
tipc tipc: Optimize handling excess content on incoming messages 2010-09-09 21:34:14 -07:00
unix Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-09-09 22:27:33 -07:00
wanrouter net: autoconvert trivial BKL users to private mutex 2010-07-12 20:21:47 -07:00
wimax Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2010-05-20 21:04:44 -07:00
wireless Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-09-09 22:27:33 -07:00
x25 X25: Remove bkl in sockopts 2010-05-17 17:39:28 -07:00
xfrm xfrm_user: avoid a warning with some compiler 2010-09-01 14:29:35 -07:00
compat.c From abbffa2aa9bd6f8df16d0d0a102af677510d8b9a Mon Sep 17 00:00:00 2001 2010-06-03 20:03:40 -07:00
Kconfig DNS: Separate out CIFS DNS Resolver code 2010-08-05 17:17:51 +00:00
Makefile DNS: Separate out CIFS DNS Resolver code 2010-08-05 17:17:51 +00:00
nonet.c
socket.c net: remove address space warnings in net/socket.c 2010-09-08 13:46:13 -07:00
sysctl_net.c net: Remove unnecessary returns from void function()s 2010-05-17 23:23:14 -07:00
TUNABLE