Skip to content

Commit

Permalink
bpf: egressgw: clarify egress ifindex for BPF redirect
Browse files Browse the repository at this point in the history 
When the FIB lookup in to-netdev returns the same ifindex as the current
interface, we want to skip the redirect. But that doesn't apply for the
lookup in from-overlay - here we *always* need to redirect to the selected
interface.

As we previously handled the !is_defined(HAVE_FIB_IFINDEX) case, we can
pass oif = 0 and trust that fib_do_redirect() will always use the ifindex
from the fib_params.

Signed-off-by: Julian Wiedmann <jwi@isovalent.com>
  • Loading branch information
@julianwiedmann @Pionerd
julianwiedmann authored and Pionerd committed Feb 13, 2024
1 parent ae75ab6 commit 243404c
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions bpf/lib/egress_gateway.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ int egress_gw_fib_lookup_and_redirect(struct __ctx_buff *ctx, __be32 egress_ip,
__s8 *ext_err)
{
struct bpf_fib_lookup_padded fib_params = {};
__u32 old_oif = ctx_get_ifindex(ctx);
int oif = 0;

*ext_err = (__s8)fib_lookup_v4(ctx, &fib_params, egress_ip, daddr, 0);

Expand All @@ -49,10 +49,11 @@ int egress_gw_fib_lookup_and_redirect(struct __ctx_buff *ctx, __be32 egress_ip,
return DROP_NO_FIB;
}

if (old_oif == fib_params.l.ifindex)
/* Skip redirect in to-netdev if we stay on the same iface: */
if (is_defined(IS_BPF_HOST) && fib_params.l.ifindex == ctx_get_ifindex(ctx))
return CTX_ACT_OK;

return fib_do_redirect(ctx, true, &fib_params, false, ext_err, (int *)&old_oif);
return fib_do_redirect(ctx, true, &fib_params, false, ext_err, &oif);
}

#ifdef ENABLE_EGRESS_GATEWAY
Expand Down

0 comments on commit 243404c

Please sign in to comment.