Bug 2226986
| Summary: | [BCM57504] [rhel9]vf kernel vlan with spoofchk off and trust off, ipv4 traffic shouldn't be captured | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 9 | Reporter: | Jiying Qiu <jiqiu> |
| Component: | dpdk | Assignee: | Maxime Coquelin <maxime.coquelin> |
| Status: | NEW --- | QA Contact: | Hekai Wang <hewang> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 9.2 | CC: | fleitner, ovs-qe |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | Bug | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Description of problem: Server create vfs ,and set vlan to vfs. set spoofchk off and trust off. bind vfs to testpmd, send ipv4 traffic from Client, captured packets in client nic2 port. Version-Release number of selected component (if applicable): kernel-5.14.0-284.18.1.el9_2.x86_64 dpdk-22.11-4.el9.x86_64 5e:00.2 Ethernet controller: Broadcom Inc. and subsidiaries BCM57504 NetXtreme-E 10Gb/25Gb/40Gb/50Gb/100Gb/200Gb Ethernet (rev 11) 5e:00.3 Ethernet controller: Broadcom Inc. and subsidiaries BCM57504 NetXtreme-E 10Gb/25Gb/40Gb/50Gb/100Gb/200Gb Ethernet (rev 11) # ethtool -i ens2f2np2 driver: bnxt_en version: 5.14.0-284.18.1.el9_2.x86_64 firmware-version: 225.0.144.0/pkg 225.1.95.0 expansion-rom-version: bus-info: 0000:5e:00.2 supports-statistics: yes supports-test: yes supports-eeprom-access: yes supports-register-dump: yes supports-priv-flags: no How reproducible: always Steps to Reproduce: Server and Client is connected back to back Server side : 1. create 1 vf on each PF 5f:02.0 Ethernet controller: Broadcom Inc. and subsidiaries BCM5750X NetXtreme-E Ethernet Virtual Function (rev 11) 5f:03.0 Ethernet controller: Broadcom Inc. and subsidiaries BCM5750X NetXtreme-E Ethernet Virtual Function (rev 11) 2. set vlan ,spoofchk off , trust off on vfs #ip li set ens2f2np2 vf 0 spoofchk off #ip li set ens2f3np3 vf 0 spoofchk off #ip li set ens2f2np2 vf 0 trust off #ip li set ens2f3np3 vf 0 trust off #ip li set ens2f2np2 vf 0 vlan 2 #ip li set ens2f3np3 vf 0 vlan 2 #ip link 113: ens2f2np2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000 link/ether 5c:6f:69:82:8f:62 brd ff:ff:ff:ff:ff:ff vf 0 link/ether c6:aa:3c:5e:68:dc brd ff:ff:ff:ff:ff:ff, vlan 2, spoof checking off, link-state auto, trust off altname enp94s0f2np2 114: ens2f3np3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000 link/ether 5c:6f:69:82:8f:63 brd ff:ff:ff:ff:ff:ff vf 0 link/ether f6:4b:e7:c1:23:96 brd ff:ff:ff:ff:ff:ff, vlan 2, spoof checking off, link-state auto, trust off altname enp94s0f3np3 3.bind vf to vfio-pci, then start testpmd ,and set verbose 9 inside testpmd #driverctl set-override 0000:5f:02.0 vfio-pci #driverctl set-override 0000:5f:03.0 vfio-pci #dpdk-testpmd -a 0000:5f:02.0 -a 0000:5f:03.0 -- -i --auto-start testpmd> set verbose 9 Client side: send ipv4 traffic with scapy send_pkt_num = 10 size = 64 pkt = Ether()/Dot1Q(type=0x8100,vlan=2) pkt.dst = Server_nic2_mac ## pf mac payload = max(0, size - len(pkt)) * 'x' pkt.add_payload(payload.encode()) log(pkt.show()) sendp(pkt,count=send_pkt_num,inter=1,iface='Client_nic1_name') Actual results: there are packets captured in testpmd. And on client nic2, packets captured Expected results: On client nic2, shouldn't have packets captured Additional info: https://beaker.engineering.redhat.com/recipes/14300246#task163614963 case dpdk-sriov-vf-kernel-vlan-test-spoofchk-disabled-vf-trust-off-without-max-tx-rate-without-qos-IPV4-packets-check dpdk-sriov-vf-kernel-vlan-test-spoofchk-disabled-vf-trust-off-with-max-tx-rate-without-qos-IPV4-packets-check dpdk-sriov-vf-kernel-vlan-test-spoofchk-disabled-vf-trust-off-without-max-tx-rate-with-qos-IPV4-packets-check dpdk-sriov-vf-kernel-vlan-test-spoofchk-disabled-vf-trust-off-with-max-tx-rate-with-qos-IPV4-packets-check