Project

General

Profile

Support #7340

Updated by Juliana Fajardini Reichow about 1 month ago

*Problem* 

 h1. Problem 
 I used af-packet to capture packets from docker interface and set bpf filter to ignore traffic. 
 I found `stats`'s decoder.invalid was increasing. 

 *Configuration* h1. Configuration 

 *docker0's offload* h2. docker0's offload 
 <pre><code class="shell"> 
 Features for docker0: 
 rx-checksumming: off [fixed] 
 tx-checksumming: on 
 tx-checksum-ipv4: off [fixed] 
 tx-checksum-ip-generic: on 
 tx-checksum-ipv6: off [fixed] 
 tx-checksum-fcoe-crc: off [fixed] 
 tx-checksum-sctp: off [fixed] 
 scatter-gather: off 
 tx-scatter-gather: off 
 tx-scatter-gather-fraglist: off 
 tcp-segmentation-offload: off 
 tx-tcp-segmentation: off 
 tx-tcp-ecn-segmentation: off 
 tx-tcp-mangleid-segmentation: off 
 tx-tcp6-segmentation: off 
 generic-segmentation-offload: off 
 generic-receive-offload: off 
 large-receive-offload: off [fixed] 
 rx-vlan-offload: off [fixed] 
 tx-vlan-offload: on 
 ntuple-filters: off [fixed] 
 receive-hashing: off [fixed] 
 highdma: on 
 rx-vlan-filter: off [fixed] 
 vlan-challenged: off [fixed] 
 tx-lockless: on [fixed] 
 netns-local: on [fixed] 
 tx-gso-robust: off [requested on] 
 tx-fcoe-segmentation: off [requested on] 
 tx-gre-segmentation: on 
 tx-gre-csum-segmentation: on 
 tx-ipxip4-segmentation: on 
 tx-ipxip6-segmentation: on 
 tx-udp_tnl-segmentation: on 
 tx-udp_tnl-csum-segmentation: on 
 tx-gso-partial: on 
 tx-tunnel-remcsum-segmentation: on 
 tx-sctp-segmentation: on 
 tx-esp-segmentation: on 
 tx-udp-segmentation: on 
 tx-gso-list: on 
 fcoe-mtu: off [fixed] 
 tx-nocache-copy: off 
 loopback: off [fixed] 
 rx-fcs: off [fixed] 
 rx-all: off [fixed] 
 tx-vlan-stag-hw-insert: on 
 rx-vlan-stag-hw-parse: off [fixed] 
 rx-vlan-stag-filter: off [fixed] 
 l2-fwd-offload: off [fixed] 
 hw-tc-offload: off [fixed] 
 esp-hw-offload: off [fixed] 
 esp-tx-csum-hw-offload: off [fixed] 
 rx-udp_tunnel-port-offload: off [fixed] 
 tls-hw-tx-offload: off [fixed] 
 tls-hw-rx-offload: off [fixed] 
 rx-gro-hw: off [fixed] 
 tls-hw-record: off [fixed] 
 rx-gro-list: off 
 macsec-hw-offload: off [fixed] 
 rx-udp-gro-forwarding: off 
 hsr-tag-ins-offload: off [fixed] 
 hsr-tag-rm-offload: off [fixed] 
 hsr-fwd-offload: off [fixed] 
 hsr-dup-offload: off [fixed] 
 </code></pre> 

 *af-packet configuration* h2. af-packet configuration 
 <pre><code class="yaml"> 
 af-packet: 
 - interface: docker0 
 cluster-id: 99 
 cluster-type: cluster_flow 
 defrag: yes 
 use-mmap: yes 
 tpacket-v3: yes 
 ring-size: 100000 
 block-size: 1048576 
 block-timeout: 10 
 buffer-size: 1048576 
 bpf-filter: host 172.17.0.3 
 checksum-checks: no 
 mmap-locked: yes 
 use-emergency-flush: no 
 </code></pre> 

 *Debug* 

 h1. Debug 
 When I used gdb to debug, I set a breakpoint, I found IPv4 payload length is not equal actual len. 
 <pre><code class="shell"> 
 (gdb) b DecodeIPV4Packet 
 (gdb)    if (unlikely(len < IPV4_GET_RAW_IPLEN(ip4h))) { 
         ENGINE_SET_INVALID_EVENT(p, IPV4_TRUNC_PKT); 
         return NULL; 
     } 

 (gdb) p len 
 $1 = 1510 
 (gdb) p (uint16_t)ntohs((ip4h)->ip_len) 
 $2 = 3071 
 </code></pre> 

 *My Solution* 

 h1. My Solution 
 I changed pcap_compile's snaplen_arg to MAX_PAYLOAD_SIZE, the problem never happen again. 

 

Back