XDP-Forwarding icon indicating copy to clipboard operation
XDP-Forwarding copied to clipboard

Published 20 hours ago verified publisher icon gamemann

when will the forwarding feature be completed?

Open szuwgh opened this issue 2 years ago • 4 comments

@gamemann when will the forwarding feature be completed? From your introduction, it seems that the forwarding feature cannot be used yet. I am also learning ebpf for L4 forwarding recently.

szuwgh avatar Jan 14 '22 09:01 szuwgh

Hey @szuwgh,

The forwarding aspect should work fine with this program for TCP, UDP, and ICMP protocols. It uses source port mapping similar to IPTables/NFTables.

gamemann avatar Jan 19 '22 16:01 gamemann

hi @gamemann

I use vm to create two virtual machines, the iP address is 192.168.255.130 and 192.168.255.128 I started a simple http service on 192.168.255.128 with port 8002,request http://192.168.255.128:8002 can return helloworld, Then forwarded to 192.168.255.128:8002 with 192.168.255.130:8000, but the request to http://192.168.255.130:8000 got no response,Turn off any firewalls。 image image How to configure it to forward successfully

Thanks

trace_pipe log:

      <idle>-0       [001] d.s. 1255796.647247: bpf_trace_printk: Matched forward rule 2197792960:16415 (6).

      <idle>-0       [001] d.s. 1255796.647253: bpf_trace_printk: Inserting new connection for 33532096

      <idle>-0       [001] d.s. 1255796.647254: bpf_trace_printk: Decided to use port 502

      <idle>-0       [001] d.s. 1255796.647257: bpf_trace_printk: New connection: BPort => 8000. Port => 502. BAddr => 2197792960.

      <idle>-0       [001] d.s. 1255796.647258: bpf_trace_printk: Forwarding packet from new connection for 33532096

      <idle>-0       [001] d.s. 1255796.647258: bpf_trace_printk: Forward Port => 502:8002.

      <idle>-0       [001] d.s. 1255796.647258: bpf_trace_printk: Forward IP => 2197792960:2164238528 (6)

      <idle>-0       [001] d.s. 1255797.647718: bpf_trace_printk: Matched forward rule 2197792960:16415 (6).

      <idle>-0       [001] d.s. 1255797.647722: bpf_trace_printk: Forwarding packet from existing connection. 33532096 with count 2

      <idle>-0       [001] d.s. 1255797.647723: bpf_trace_printk: VV1 = 33532096 : 9003.

      <idle>-0       [001] d.s. 1255797.666697: bpf_trace_printk: VV2 = 2197792960 : 8000 : 6.

      <idle>-0       [001] d.s. 1255797.666704: bpf_trace_printk: Forward Port => 502:8002.

      <idle>-0       [001] d.s. 1255797.666704: bpf_trace_printk: Forward IP => 2197792960:2164238528 (6)

      <idle>-0       [001] d.s. 1255799.648326: bpf_trace_printk: Matched forward rule 2197792960:16415 (6).

      <idle>-0       [001] d.s. 1255799.648330: bpf_trace_printk: Forwarding packet from existing connection. 33532096 with count 3

      <idle>-0       [001] d.s. 1255799.648330: bpf_trace_printk: VV1 = 33532096 : 9003.

      <idle>-0       [001] d.s. 1255799.648331: bpf_trace_printk: VV2 = 2197792960 : 8000 : 6.

      <idle>-0       [001] d.s. 1255799.648331: bpf_trace_printk: Forward Port => 502:8002.

      <idle>-0       [001] d.s. 1255799.648332: bpf_trace_printk: Forward IP => 2197792960:2164238528 (6)

      <idle>-0       [001] d.s. 1255803.647686: bpf_trace_printk: Matched forward rule 2197792960:16415 (6).

      <idle>-0       [001] d.s. 1255803.647690: bpf_trace_printk: Forwarding packet from existing connection. 33532096 with count 4

      <idle>-0       [001] d.s. 1255803.647691: bpf_trace_printk: VV1 = 33532096 : 9003.

      <idle>-0       [001] d.s. 1255803.647691: bpf_trace_printk: VV2 = 2197792960 : 8000 : 6.

      <idle>-0       [001] d.s. 1255803.647692: bpf_trace_printk: Forward Port => 502:8002.

      <idle>-0       [001] d.s. 1255803.647693: bpf_trace_printk: Forward IP => 2197792960:2164238528 (6)

      <idle>-0       [001] d.s. 1255811.648413: bpf_trace_printk: Matched forward rule 2197792960:16415 (6).

      <idle>-0       [001] d.s. 1255811.648417: bpf_trace_printk: Forwarding packet from existing connection. 33532096 with count 5

      <idle>-0       [001] d.s. 1255811.648418: bpf_trace_printk: VV1 = 33532096 : 9003.

      <idle>-0       [001] d.s. 1255811.648418: bpf_trace_printk: VV2 = 2197792960 : 8000 : 6.

      <idle>-0       [001] d.s. 1255811.648419: bpf_trace_printk: Forward Port => 502:8002.

      <idle>-0       [001] d.s. 1255811.648419: bpf_trace_printk: Forward IP => 2197792960:2164238528 (6)

szuwgh avatar Jan 20 '22 08:01 szuwgh

Hey, I apologize for the delay on this!

I'm not sure if you need any more help, but from the above, would you be able to do a TCP dump on the destination machine to see if you're receiving the packets from 192.168.255.130 on 192.168.255.128? So on the machine binding 192.168.255.128 you can run tcpdump -i any host 192.168.255.130 -nne to see if you have any packets coming into the machine.

This will narrow down whether the issue is with packets coming back from the destination machine or if the packets aren't even reaching the destination machine in the first place.

gamemann avatar Feb 13 '22 21:02 gamemann

Ok, thank you for your help, I'll debug it again

szuwgh avatar Feb 22 '22 08:02 szuwgh

Hey! I'm going to close this issue for now, but if you are still having issues with debugging, please feel free to reopen the issue 😄

gamemann avatar Sep 08 '22 04:09 gamemann