search

platinasystems / go

Other
9 stars 68 forks source link

GRE tunnel not working correctly #76

Open stigt opened 7 years ago

stigt commented 7 years ago

Using top of master branch 8/25/17.

First example using GRE light-weight tunnel between eth0 on invader1 to eth0 on invader11 (i.e. no tomahawk involved).

On inv1:

ip link add tun0 type gre external
ip link set tun0 up
ip add add 50.0.0.1/30 dev tun0
ip route add 50.0.0.2/32 encap ip dst 192.168.101.131 ttl 10 dev tun0

On inv11:

ip link add tun0 type gre external
ip link set tun0 up
ip add add 50.0.0.2/30 dev tun0
ip route add 50.0.0.1/32 encap ip dst 192.168.101.121 ttl 10 dev tun0

Ping request from 50.0.0.2 to 50.0.0.1:

12:10:16.942145 02:46:8a:00:05:c3 > 02:46:8a:00:02:a0, ethertype IPv4 (0x0800), length 122: (tos 0x0, ttl 10, id 47310, offset 0, flags [none], proto GRE (47), length 108) 192.168.101.131 > 192.168.101.121: GREv0, Flags [none], proto IPv4 (0x0800), length 88 (tos 0x0, ttl 64, id 16420, offset 0, flags [DF], proto ICMP (1), length 84) 50.0.0.2 > 50.0.0.1: ICMP echo request, id 1198, seq 18, length 64

Ping response to 50.0.0.2

12:10:16.942219 02:46:8a:00:02:a0 > 02:46:8a:00:05:c3, ethertype IPv4 (0x0800), length 122: (tos 0x0, ttl 10, id 46735, offset 0, flags [none], proto GRE (47), length 108) 192.168.101.121 > 192.168.101.131: GREv0, Flags [none], proto IPv4 (0x0800), length 88 (tos 0x0, ttl 64, id 14059, offset 0, flags [none], proto ICMP (1), length 84) 50.0.0.1 > 50.0.0.2: ICMP echo reply, id 1198, seq 18, length 64

Now same config between eth-21-0 on inv1 to eth-21-0 on inv11:

On inv1:

ip link add tun0 type gre external
ip link set tun0 up
ip add add 50.0.0.1/30 dev tun0
ip route add 50.0.0.2/32 encap ip dst 10.50.0.11 ttl 10 dev tun0

On inv11:

ip link add tun0 type gre external
ip link set tun0 up
ip add add 50.0.0.2/30 dev tun0
ip route add 50.0.0.1/32 encap ip dst 10.50.0.1 ttl 10 dev tun0

Fib looks good, but ping fails:

root@invader1:/home/stig# goes vnet show ip fib 
 Table                   Destination                               Adjacency
     default                  10.50.0.0/24       9: glean eth-21-0
     default                  10.50.0.1/32      10: local eth-21-0
                                              tx pipe packets                1
                                              tx pipe bytes                102
     default                 10.50.0.11/32      11: rewrite eth-21-0 IP4: 02:46:8a:00:02:ee -> 02:46:8a:00:05:db
     default                   50.0.0.2/32      12: rewrite eth-21-0 12-12, 1 x 11
                                                      IP4: 02:46:8a:00:02:ee -> 02:46:8a:00:05:db
                                                      GRE: 10.50.0.1 -> 10.50.0.11
                                                      GRE: IP4

Clear counters and ping 100 packets:

root@invader1:/home/stig# goes vnet clear int; ping -f -c 100 50.0.0.2
PING 50.0.0.2 (50.0.0.2) 56(84) bytes of data.
....................................................................................................^C
--- 50.0.0.2 ping statistics ---
100 packets transmitted, 0 received, 100% packet loss, time 1639ms

root@invader1:/home/stig# goes vnet show ha
             Name                  Address         Link    Counter                                      Count
eth-21-0                      02:46:8a:00:02:ee     up     tx pipe unicast queue cos0 packets             100
                                                           tx pipe unicast queue cos0 bytes             12200
                                                           tx pipe port table packets                     100
                                                           tx pipe port table bytes                     12200
                                                           port tx packets                                100
                                                           port tx bytes                                12600
                                                           port tx 65 to 127 byte packets                 100
                                                           port tx good packets                           100
                                                           port tx unicast packets                        100
meth-1                        00:00:00:00:00:00     up     port rx packets                                100
                                                           port rx bytes                                13000
                                                           port rx 128 to 255 byte packets                100
                                                           port rx good packets                           100
                                                           port rx unicast packets                        100
                                                           port rx promiscuous packets                    100
                                                           port rx 1tag vlan packets                      100
                                                           rx pipe port table packets                     100
                                                           rx pipe port table bytes                     12600
                                                           rx pipe unicast packets                        100
                                                           rx pipe vlan tagged packets                    100
fe1-cpu                       00:00:00:00:00:00     up     tx pipe vlan tagged packets                      1
                                                           tx pipe cpu queue 1 packets                      1
                                                           tx pipe cpu queue 1 bytes                      194
                                                           tx pipe port table packets                       1
                                                           tx pipe port table bytes                       194
ixge3-0-1                     34:12:78:56:01:00     up     tx packets                                     100
                                                           tx good packets                                100
                                                           tx good bytes                                13000
                                                           tx dma good packets                            100
                                                           tx dma good bytes                            12600
                                                           tx 128 to 255 byte packets                     100

Transmit looks good. Check counters on inv11:

root@invader11:~# goes vnet show ha
             Name                  Address         Link    Counter                                      Count
eth-21-0                      02:46:8a:00:05:db     up     port rx packets                                100
                                                           port rx bytes                                12600
                                                           port rx 65 to 127 byte packets                 100
                                                           port rx good packets                           100
                                                           port rx unicast packets                        100
                                                           port rx promiscuous packets                    100
                                                           rx pipe port table packets                     100
                                                           rx pipe port table bytes                     12200
                                                           rx pipe unicast packets                        100
                                                           rx pipe zero port bitmap drops                 100
                                                           rx pipe tunnel packets                         100
meth-0                        00:00:00:00:00:00     up     port rx packets                                  4
                                                           port rx bytes                                  256
                                                           port rx 64 byte packets                          4
                                                           port rx good packets                             4
                                                           port rx multicast packets                        4
                                                           port rx 1tag vlan packets                        4
                                                           rx pipe port table packets                       4
                                                           rx pipe port table bytes                       240
                                                           rx pipe multicast drops                          4
                                                           rx pipe vlan tagged packets                      4
fe1-cpu                       00:00:00:00:00:00     up     tx pipe vlan tagged packets                      4
                                                           tx pipe cpu queue 3 packets                      4
                                                           tx pipe cpu queue 3 bytes                      256
                                                           tx pipe port table packets                       4
                                                           tx pipe port table bytes                       256

100 packets received (and even classified as tunnel packets), but 100 rx pipe zero port bitmap drops.

Packet capture on inv1 shows that the packet it's transmitting looks good:

14:42:28.829421 02:46:8a:00:02:ee > 02:46:8a:00:06:12, ethertype IPv4 (0x0800), length 122: (tos 0x0, ttl 10, id 20427, offset 0, flags [none], proto GRE (47), length 108)
    10.50.0.1 > 10.50.0.11: GREv0, Flags [none], proto IPv4 (0x0800), length 88
    (tos 0x0, ttl 64, id 55400, offset 0, flags [DF], proto ICMP (1), length 84)
    50.0.0.1 > 50.0.0.2: ICMP echo request, id 16986, seq 1, length 64
jignesh045 commented 6 years ago

Not able to verify this issue in latest goes build due to issue https://github.com/platinasystems/go/issues/134