1
linux/net
Nicolas Dichtel f4e0b4c5e1 ip6tnl/sit: drop packet if ECN present with not-ECT
This patch reports the change made by Stephen Hemminger in ipip and gre[6] in
commit eccc1bb8d4 (tunnel: drop packet if ECN present with not-ECT).

Goal is to handle RFC6040, Section 4.2:

Default Tunnel Egress Behaviour.
 o If the inner ECN field is Not-ECT, the decapsulator MUST NOT
      propagate any other ECN codepoint onwards.  This is because the
      inner Not-ECT marking is set by transports that rely on dropped
      packets as an indication of congestion and would not understand or
      respond to any other ECN codepoint [RFC4774].  Specifically:

      *  If the inner ECN field is Not-ECT and the outer ECN field is
         CE, the decapsulator MUST drop the packet.

      *  If the inner ECN field is Not-ECT and the outer ECN field is
         Not-ECT, ECT(0), or ECT(1), the decapsulator MUST forward the
         outgoing packet with the ECN field cleared to Not-ECT.

The patch takes benefits from common function added in net/inet_ecn.h.

Like it was done for Xin4 tunnels, it adds logging to allow detecting broken
systems that set ECN bits incorrectly when tunneling (or an intermediate
router might be changing the header). Errors are also tracked via
rx_frame_error.

CC: Stephen Hemminger <shemminger@vyatta.com>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-11-28 11:37:11 -05:00
..
9p The following changes since commit 4cbe5a555f: 2012-10-12 09:59:23 +09:00
802
8021q net: Allow the userns root to control vlans. 2012-11-18 20:33:00 -05:00
appletalk
atm atm: br2684: Fix excessive queue bloat 2012-11-26 17:13:56 -05:00
ax25
batman-adv batman-adv: Use packing of 2 for all headers before an ethernet header 2012-11-21 12:35:47 +01:00
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-11-17 22:00:43 -05:00
bridge net: Enable a userns root rtnl calls that are safe for unprivilged users 2012-11-18 20:33:36 -05:00
caif caif: Remove redundant null check before kfree in cfctrl.c 2012-11-20 13:48:09 -05:00
can net: Push capable(CAP_NET_ADMIN) into the rtnl methods 2012-11-18 20:32:44 -05:00
ceph Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client 2012-10-29 08:49:25 -07:00
core sockopt: Change getsockopt() of SO_BINDTODEVICE to return an interface name 2012-11-26 17:22:14 -05:00
dcb net: Push capable(CAP_NET_ADMIN) into the rtnl methods 2012-11-18 20:32:44 -05:00
dccp tcp: better retrans tracking for defer-accept 2012-11-03 14:45:00 -04:00
decnet net: Push capable(CAP_NET_ADMIN) into the rtnl methods 2012-11-18 20:32:44 -05:00
dns_resolver Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux 2012-10-14 13:39:34 -07:00
dsa dsa: Hide core config options; make drivers select what they need 2012-11-26 17:10:44 -05:00
ethernet
ieee802154
ipv4 ipv4/ipmr and ipv6/ip6mr: Convert int mroute_do_<foo> to bool 2012-11-25 16:34:17 -05:00
ipv6 ip6tnl/sit: drop packet if ECN present with not-ECT 2012-11-28 11:37:11 -05:00
ipx
irda Merge 3.7-rc1 into tty-linus 2012-10-14 22:41:27 -07:00
iucv
key net: Allow userns root to control llc, netfilter, netlink, packet, and xfrm 2012-11-18 20:32:45 -05:00
l2tp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-11-10 18:32:51 -05:00
lapb
llc net: Allow userns root to control llc, netfilter, netlink, packet, and xfrm 2012-11-18 20:32:45 -05:00
mac80211 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-11-25 12:49:17 -05:00
mac802154
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-11-25 12:49:17 -05:00
netlabel Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
netlink net: Allow userns root to control llc, netfilter, netlink, packet, and xfrm 2012-11-18 20:32:45 -05:00
netrom
nfc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-11-25 12:49:17 -05:00
openvswitch
packet net: Allow userns root to control llc, netfilter, netlink, packet, and xfrm 2012-11-18 20:32:45 -05:00
phonet net: Push capable(CAP_NET_ADMIN) into the rtnl methods 2012-11-18 20:32:44 -05:00
rds net: rds: use this_cpu_* per-cpu helper 2012-11-19 18:59:44 -05:00
rfkill Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2012-10-02 13:38:27 -07:00
rose
rxrpc Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux 2012-10-14 13:39:34 -07:00
sched pkt_sched: QFQ Plus: fair-queueing service at DRR cost 2012-11-28 11:19:35 -05:00
sctp sctp: send abort chunk when max_retrans exceeded 2012-11-20 15:50:37 -05:00
sunrpc SUNRPC: return proper errno from backchannel_rqst 2012-11-01 11:50:53 -04:00
tipc tipc: delete TIPC_ADVANCED Kconfig variable 2012-11-22 14:33:29 -05:00
unix net: Don't export sysctls to unprivileged users 2012-11-18 20:30:55 -05:00
wanrouter
wimax
wireless Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-11-17 22:00:43 -05:00
x25
xfrm Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2012-11-22 15:25:55 -05:00
compat.c make get_file() return its argument 2012-09-26 21:10:25 -04:00
Kconfig
Makefile ipv6: Preserve ipv6 functionality needed by NET 2012-11-18 02:34:00 -05:00
nonet.c
socket.c cgroup: net_cls: Rework update socket logic 2012-10-26 03:40:51 -04:00
sysctl_net.c user_ns: get rid of duplicate code in net_ctl_permissions 2012-11-18 20:32:45 -05:00