VXLAN: pick up some stuff from the OpenBSD tcpdump.

Author: guyharris

print-vxlan-gpe.c

@@ -23,7 +23,7 @@
 
 /* \summary: Generic Protocol Extension for VXLAN (VXLAN GPE) printer */
 
-/* specification: draft-ietf-nvo3-vxlan-gpe-10 */
+/* specification: draft-ietf-nvo3-vxlan-gpe-12 */
 
 #ifdef HAVE_CONFIG_H
 #include <config.h>
@@ -35,24 +35,38 @@
 #include "netdissect.h"
 #include "extract.h"
 
+#define VXLAN_GPE_VER   0x30 /* GPE */
+#define VXLAN_GPE_SHIFT 4
+#define VXLAN_GPE_VER_0 0x0
+#define VXLAN_GPE_I     0x08 /* Instance Bit */
+#define VXLAN_GPE_P     0x04 /* GPE Next Protocol */
+#define VXLAN_GPE_B     0x02 /* GPE BUM Traffic */
+#define VXLAN_GPE_O     0x01 /* GPE OAM Flag */
+
 static const struct tok vxlan_gpe_flags [] = {
-    { 0x08, "I" },
-    { 0x04, "P" },
-    { 0x02, "B" },
-    { 0x01, "O" },
+    { VXLAN_GPE_I, "I" },
+    { VXLAN_GPE_P, "P" },
+    { VXLAN_GPE_B, "B" },
+    { VXLAN_GPE_O, "O" },
     { 0, NULL }
 };
 
+#define VXLAN_GPE_PROTO_RESERVED 0x00
+#define VXLAN_GPE_PROTO_IPV4     0x01
+#define VXLAN_GPE_PROTO_IPV6     0x02
+#define VXLAN_GPE_PROTO_ETHERNET 0x03
+#define VXLAN_GPE_PROTO_NSH      0x04
+
 #define VXLAN_GPE_HDR_LEN 8
 
 /*
- * VXLAN GPE header, draft-ietf-nvo3-vxlan-gpe-01
+ * VXLAN GPE header, draft-ietf-nvo3-vxlan-gpe-12
  *                   Generic Protocol Extension for VXLAN
  *
  *     0                   1                   2                   3
  *     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
  *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- *    |R|R|Ver|I|P|R|O|       Reserved                |Next Protocol  |
+ *    |R|R|Ver|I|P|B|O|       Reserved                |Next Protocol  |
  *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  *    |                VXLAN Network Identifier (VNI) |   Reserved    |
  *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
@@ -61,10 +75,21 @@ static const struct tok vxlan_gpe_flags [] = {
 void
 vxlan_gpe_print(netdissect_options *ndo, const u_char *bp, u_int len)
 {
-    uint8_t flags;
+    uint8_t flags, ver;
     uint8_t next_protocol;
-    uint32_t vni;
 
+    /*
+     * XXX - OpenBSD has a single dissector for VXLAN and VXLAN-GPE,
+     * using the flag bits to distinguish between them.
+     *
+     * draft-ietf-nvo3-vxlan-gpe-12, the final VXLAN-GPE draft, says
+     * that VXLAN-GPE uses port 4790, rather than VXLAN's port 4789,
+     * and that the P flag bit must be set for VXLAN-GPE packets,
+     * indicating that the header includes a "next protocol" field,
+     * and that if a packet with the P it not set is received on
+     * port 4790, "the "Next Protocol" field must be set to zero and
+     * the payload MUST be ETHERNET(L2) as defined by [RFC7348]."
+     */
     ndo->ndo_protocol = "vxlan_gpe";
     ND_PRINT("VXLAN-GPE, ");
     if (len < VXLAN_GPE_HDR_LEN) {
@@ -75,48 +100,79 @@ vxlan_gpe_print(netdissect_options *ndo, const u_char *bp, u_int len)
     flags = GET_U_1(bp);
     bp += 1;
     len -= 1;
+    ver = (flags & VXLAN_GPE_VER) >> VXLAN_GPE_SHIFT;
+    if (ver != VXLAN_GPE_VER_0) {
+        ND_PRINT("unknown version %u", ver);
+        goto invalid;
+    }
     ND_PRINT("flags [%s], ",
               bittok2str_nosep(vxlan_gpe_flags, "none", flags));
 
     /* Reserved */
     bp += 2;
     len -= 2;
 
-    next_protocol = GET_U_1(bp);
+    /*
+     * If the VXLAN_GPE_P flag bit isn't set, that means this is a VXLAN
+     * packet, not a VXLAN-GPE packet, and thus has no "next protocol"
+     * field; the payload is Ethernet.
+     */
+    if (flags & VXLAN_GPE_P)
+        next_protocol = GET_U_1(bp);
+    else
+        next_protocol = VXLAN_GPE_PROTO_ETHERNET;
     bp += 1;
     len -= 1;
 
-    vni = GET_BE_U_3(bp);
+    /*
+     * Both RFC 7348 and draft-ietf-nvo3-vxlan-gpe-12 say that the I flag
+     * MUST be set.
+     */
+    if (flags & VXLAN_GPE_I)
+        ND_PRINT("vni %u", GET_BE_U_3(bp));
+    else
+        ND_PRINT("ERROR: I flag not set");
     bp += 3;
     len -= 3;
 
+    if (flags & VXLAN_GPE_B)
+        printf(", BUM");
+
+    if (flags & VXLAN_GPE_O) {
+        printf(", OAM (proto 0x%x, len %u)", next_protocol, len);
+        return;
+    }
+
     /* Reserved */
     ND_TCHECK_1(bp);
     bp += 1;
     len -= 1;
 
-    ND_PRINT("vni %u", vni);
     ND_PRINT(ndo->ndo_vflag ? "\n    " : ": ");
 
     switch (next_protocol) {
-    case 0x1:
+    case VXLAN_GPE_PROTO_IPV4:
         ip_print(ndo, bp, len);
         break;
-    case 0x2:
+    case VXLAN_GPE_PROTO_IPV6:
         ip6_print(ndo, bp, len);
         break;
-    case 0x3:
+    case VXLAN_GPE_PROTO_ETHERNET:
         ether_print(ndo, bp, len, ND_BYTES_AVAILABLE_AFTER(bp), NULL, NULL);
         break;
-    case 0x4:
+    case VXLAN_GPE_PROTO_NSH:
         nsh_print(ndo, bp, len);
         break;
+    /*
+     * OpenBSD supports 0x05 for MPLS, which was in earlier drafts
+     * of VXLAN GPE, but not in the final -12 draft.
+     */
     default:
         ND_PRINT("ERROR: unknown-next-protocol");
         goto invalid;
     }
 
-	return;
+    return;
 
 invalid:
     nd_print_invalid(ndo);

print-vxlan.c

@@ -27,8 +27,10 @@
 #include "netdissect.h"
 #include "extract.h"
 
+#define VXLAN_I     0x08 /* Instance Bit */
+
 static const struct tok vxlan_flags [] = {
-    { 0x08, "I" },
+    { VXLAN_I, "I" },
     { 0, NULL }
 };
 #define VXLAN_HDR_LEN 8
@@ -51,7 +53,6 @@ void
 vxlan_print(netdissect_options *ndo, const u_char *bp, u_int len)
 {
     uint8_t flags;
-    uint32_t vni;
 
     ndo->ndo_protocol = "vxlan";
     nd_print_protocol_caps(ndo);
@@ -66,9 +67,14 @@ vxlan_print(netdissect_options *ndo, const u_char *bp, u_int len)
     /* 1st Reserved */
     bp += 3;
 
-    vni = GET_BE_U_3(bp);
+    /*
+     * RFC 7348 says that the I flag MUST be set.
+     */
+    if (flags & VXLAN_I)
+        ND_PRINT("vni %u\n", GET_BE_U_3(bp));
+    else
+        ND_PRINT("ERROR: I flag not set\n");
     bp += 3;
-    ND_PRINT("vni %u\n", vni);
 
     /* 2nd Reserved */
     ND_TCHECK_1(bp);