[PATCH] Set DF bit for IPv4 GRE tunnels with fixed TTL

Konstantin Shemyak Sat, 05 Dec 2015 12:56:34 -0800

The DF bit on IPv4 GRE tunnels with fixed TTL is enforced in order
to prevent networking loops. This was the original behavior of GRE
tunnels, lost in the refactoring.


Signed-off-by: Konstantin Shemyak <konstan...@shemyak.com>
---
 net/ipv4/ip_gre.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index 6145214..485bf27 100644
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -679,6 +679,10 @@ static int ipgre_tunnel_ioctl(struct net_device *dev,
                    ((p.i_flags|p.o_flags)&(GRE_VERSION|GRE_ROUTING)))
                        return -EINVAL;
        }
+
+        if (p.iph.ttl)
+                p.iph.frag_off |= htons(IP_DF);
+
        p.i_flags = gre_flags_to_tnl_flags(p.i_flags);
        p.o_flags = gre_flags_to_tnl_flags(p.o_flags);

--
1.9.1

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] Set DF bit for IPv4 GRE tunnels with fixed TTL

Reply via email to