Hi,
I have a CRS317 running 7.1rc4 configured with L3 hardware routing. I have noticed that the src_mac used on routed packets changes when the HW offloading setting is changed:
with l3-hw-offloading=yes, the src_mac address used for routed traffic is the MAC for the outgoing, physical port on the switch
with l3-hw-offloading=no, the src_mac address used for routed traffic corresponds to the VLAN interface which has inherited its MAC from the bridge
Now, this is usually not too big of a problem since the host on the other end would just set the MAC it has learned through ARP as the destination when returning traffic. However, I’m running https://cilium.io (v1.11.0-rc0) in eBPF mode and it seems to be returning traffic to the MAC it saw in the initial packet. That creates an issue; the switch (with l3-hw-offloading=yes) receives the traffic with the physical interface’s MAC as the destination rather than the VLAN interface’s MAC, seems to be somewhat confused and decides to flood the packets. Needless to say, traffic never reaches its destination in a proper way (and flooding eats up bandwidth).
If l3-hw-offloading=no is set, the VLAN interface MAC is used as src_mac on traffic from the CRS317, Cilium returns traffic to that MAC and the CRS317 routes the traffic correctly.
Not sure who’s at fault here. Is this a bug in Cilium? Mikrotik? A peculiarity with the L3 hardware offloading that cannot be changed? Please advise. I’m happy to provide configuration, etc. if needed.
For reference, I’m running the bridge with auto-mac=no and admin-mac configured.
Hi @raimondsp; I just reported the issue as SUP-63543. You can find the configuration and a supout.rif there in case you need it to reproduce the issue.
I’m so sorry. The MAC src fix in the rc5 is for the DX2000/DX3000 switch chip series. However, CRS317 has a DX8216 chip. Currently, we are testing the fix for the DX8000 series.
If you wish, we may send you a private firmware build with the fix included after the testing is done. So you won’t have to wait until rc6.