2 * ip_vs_xmit.c: various packet transmitters for IPVS
4 * Authors: Wensong Zhang <wensong@linuxvirtualserver.org>
5 * Julian Anastasov <ja@ssi.bg>
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version
10 * 2 of the License, or (at your option) any later version.
16 #define KMSG_COMPONENT "IPVS"
17 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
19 #include <linux/kernel.h>
20 #include <linux/slab.h>
21 #include <linux/tcp.h> /* for tcphdr */
23 #include <net/tcp.h> /* for csum_tcpudp_magic */
25 #include <net/icmp.h> /* for icmp_send */
26 #include <net/route.h> /* for ip_route_output */
28 #include <net/ip6_route.h>
29 #include <linux/icmpv6.h>
30 #include <linux/netfilter.h>
31 #include <net/netfilter/nf_conntrack.h>
32 #include <linux/netfilter_ipv4.h>
34 #include <net/ip_vs.h>
38 * Destination cache to speed up outgoing route lookup
41 __ip_vs_dst_set(struct ip_vs_dest *dest, u32 rtos, struct dst_entry *dst)
43 struct dst_entry *old_dst;
45 old_dst = dest->dst_cache;
46 dest->dst_cache = dst;
47 dest->dst_rtos = rtos;
51 static inline struct dst_entry *
52 __ip_vs_dst_check(struct ip_vs_dest *dest, u32 rtos, u32 cookie)
54 struct dst_entry *dst = dest->dst_cache;
59 || (dest->af == AF_INET && rtos != dest->dst_rtos)) &&
60 dst->ops->check(dst, cookie) == NULL) {
61 dest->dst_cache = NULL;
69 static struct rtable *
70 __ip_vs_get_out_rt(struct ip_vs_conn *cp, u32 rtos)
72 struct rtable *rt; /* Route to the other host */
73 struct ip_vs_dest *dest = cp->dest;
76 spin_lock(&dest->dst_lock);
77 if (!(rt = (struct rtable *)
78 __ip_vs_dst_check(dest, rtos, 0))) {
83 .daddr = dest->addr.ip,
88 if (ip_route_output_key(&init_net, &rt, &fl)) {
89 spin_unlock(&dest->dst_lock);
90 IP_VS_DBG_RL("ip_route_output error, dest: %pI4\n",
94 __ip_vs_dst_set(dest, rtos, dst_clone(&rt->dst));
95 IP_VS_DBG(10, "new dst %pI4, refcnt=%d, rtos=%X\n",
97 atomic_read(&rt->dst.__refcnt), rtos);
99 spin_unlock(&dest->dst_lock);
105 .daddr = cp->daddr.ip,
110 if (ip_route_output_key(&init_net, &rt, &fl)) {
111 IP_VS_DBG_RL("ip_route_output error, dest: %pI4\n",
120 #ifdef CONFIG_IP_VS_IPV6
121 static struct rt6_info *
122 __ip_vs_get_out_rt_v6(struct ip_vs_conn *cp)
124 struct rt6_info *rt; /* Route to the other host */
125 struct ip_vs_dest *dest = cp->dest;
128 spin_lock(&dest->dst_lock);
129 rt = (struct rt6_info *)__ip_vs_dst_check(dest, 0, 0);
135 .daddr = dest->addr.in6,
144 rt = (struct rt6_info *)ip6_route_output(&init_net,
147 spin_unlock(&dest->dst_lock);
148 IP_VS_DBG_RL("ip6_route_output error, dest: %pI6\n",
152 __ip_vs_dst_set(dest, 0, dst_clone(&rt->dst));
153 IP_VS_DBG(10, "new dst %pI6, refcnt=%d\n",
155 atomic_read(&rt->dst.__refcnt));
157 spin_unlock(&dest->dst_lock);
163 .daddr = cp->daddr.in6,
165 .s6_addr32 = { 0, 0, 0, 0 },
171 rt = (struct rt6_info *)ip6_route_output(&init_net, NULL, &fl);
173 IP_VS_DBG_RL("ip6_route_output error, dest: %pI6\n",
185 * Release dest->dst_cache before a dest is removed
188 ip_vs_dst_reset(struct ip_vs_dest *dest)
190 struct dst_entry *old_dst;
192 old_dst = dest->dst_cache;
193 dest->dst_cache = NULL;
194 dst_release(old_dst);
197 #define IP_VS_XMIT(pf, skb, rt) \
199 (skb)->ipvs_property = 1; \
200 skb_forward_csum(skb); \
201 NF_HOOK(pf, NF_INET_LOCAL_OUT, (skb), NULL, \
202 (rt)->dst.dev, dst_output); \
207 * NULL transmitter (do nothing except return NF_ACCEPT)
210 ip_vs_null_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
211 struct ip_vs_protocol *pp)
213 /* we do not touch skb and do not need pskb ptr */
220 * Let packets bypass the destination when the destination is not
221 * available, it may be only used in transparent cache cluster.
224 ip_vs_bypass_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
225 struct ip_vs_protocol *pp)
227 struct rtable *rt; /* Route to the other host */
228 struct iphdr *iph = ip_hdr(skb);
237 .tos = RT_TOS(tos), } },
242 if (ip_route_output_key(&init_net, &rt, &fl)) {
243 IP_VS_DBG_RL("%s(): ip_route_output error, dest: %pI4\n",
244 __func__, &iph->daddr);
249 mtu = dst_mtu(&rt->dst);
250 if ((skb->len > mtu) && (iph->frag_off & htons(IP_DF))) {
252 icmp_send(skb, ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED, htonl(mtu));
253 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
258 * Call ip_send_check because we are not sure it is called
259 * after ip_defrag. Is copy-on-write needed?
261 if (unlikely((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL)) {
265 ip_send_check(ip_hdr(skb));
269 skb_dst_set(skb, &rt->dst);
271 /* Another hack: avoid icmp_send in ip_fragment */
274 IP_VS_XMIT(NFPROTO_IPV4, skb, rt);
280 dst_link_failure(skb);
287 #ifdef CONFIG_IP_VS_IPV6
289 ip_vs_bypass_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
290 struct ip_vs_protocol *pp)
292 struct rt6_info *rt; /* Route to the other host */
293 struct ipv6hdr *iph = ipv6_hdr(skb);
300 .saddr = { .s6_addr32 = {0, 0, 0, 0} }, } },
305 rt = (struct rt6_info *)ip6_route_output(&init_net, NULL, &fl);
307 IP_VS_DBG_RL("%s(): ip6_route_output error, dest: %pI6\n",
308 __func__, &iph->daddr);
313 mtu = dst_mtu(&rt->dst);
314 if (skb->len > mtu) {
315 dst_release(&rt->dst);
316 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
317 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
322 * Call ip_send_check because we are not sure it is called
323 * after ip_defrag. Is copy-on-write needed?
325 skb = skb_share_check(skb, GFP_ATOMIC);
326 if (unlikely(skb == NULL)) {
327 dst_release(&rt->dst);
333 skb_dst_set(skb, &rt->dst);
335 /* Another hack: avoid icmp_send in ip_fragment */
338 IP_VS_XMIT(NFPROTO_IPV6, skb, rt);
344 dst_link_failure(skb);
353 ip_vs_update_conntrack(struct sk_buff *skb, struct ip_vs_conn *cp, int outin)
355 struct nf_conn *ct = (struct nf_conn *)skb->nfct;
356 struct nf_conntrack_tuple new_tuple;
358 if (ct == NULL || nf_ct_is_untracked(ct) || nf_ct_is_confirmed(ct))
362 * The connection is not yet in the hashtable, so we update it.
363 * CIP->VIP will remain the same, so leave the tuple in
364 * IP_CT_DIR_ORIGINAL untouched. When the reply comes back from the
365 * real-server we will see RIP->DIP.
367 new_tuple = ct->tuplehash[IP_CT_DIR_REPLY].tuple;
369 new_tuple.src.u3 = cp->daddr;
371 new_tuple.dst.u3 = cp->vaddr;
373 * This will also take care of UDP and other protocols.
376 new_tuple.src.u.tcp.port = cp->dport;
378 new_tuple.dst.u.tcp.port = cp->vport;
379 nf_conntrack_alter_reply(ct, &new_tuple);
383 * NAT transmitter (only for outside-to-inside nat forwarding)
384 * Not used for related ICMP
387 ip_vs_nat_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
388 struct ip_vs_protocol *pp)
390 struct rtable *rt; /* Route to the other host */
392 struct iphdr *iph = ip_hdr(skb);
396 /* check if it is a connection of no-client-port */
397 if (unlikely(cp->flags & IP_VS_CONN_F_NO_CPORT)) {
399 p = skb_header_pointer(skb, iph->ihl*4, sizeof(_pt), &_pt);
402 ip_vs_conn_fill_cport(cp, *p);
403 IP_VS_DBG(10, "filled cport=%d\n", ntohs(*p));
406 if (!(rt = __ip_vs_get_out_rt(cp, RT_TOS(iph->tos))))
410 mtu = dst_mtu(&rt->dst);
411 if ((skb->len > mtu) && (iph->frag_off & htons(IP_DF))) {
413 icmp_send(skb, ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED, htonl(mtu));
414 IP_VS_DBG_RL_PKT(0, pp, skb, 0, "ip_vs_nat_xmit(): frag needed for");
418 /* copy-on-write the packet before mangling it */
419 if (!skb_make_writable(skb, sizeof(struct iphdr)))
422 if (skb_cow(skb, rt->dst.dev->hard_header_len))
427 skb_dst_set(skb, &rt->dst);
429 /* mangle the packet */
430 if (pp->dnat_handler && !pp->dnat_handler(skb, pp, cp))
432 ip_hdr(skb)->daddr = cp->daddr.ip;
433 ip_send_check(ip_hdr(skb));
435 IP_VS_DBG_PKT(10, pp, skb, 0, "After DNAT");
437 ip_vs_update_conntrack(skb, cp, 1);
439 /* FIXME: when application helper enlarges the packet and the length
440 is larger than the MTU of outgoing device, there will be still
443 /* Another hack: avoid icmp_send in ip_fragment */
446 IP_VS_XMIT(NFPROTO_IPV4, skb, rt);
452 dst_link_failure(skb);
462 #ifdef CONFIG_IP_VS_IPV6
464 ip_vs_nat_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
465 struct ip_vs_protocol *pp)
467 struct rt6_info *rt; /* Route to the other host */
472 /* check if it is a connection of no-client-port */
473 if (unlikely(cp->flags & IP_VS_CONN_F_NO_CPORT)) {
475 p = skb_header_pointer(skb, sizeof(struct ipv6hdr),
479 ip_vs_conn_fill_cport(cp, *p);
480 IP_VS_DBG(10, "filled cport=%d\n", ntohs(*p));
483 rt = __ip_vs_get_out_rt_v6(cp);
488 mtu = dst_mtu(&rt->dst);
489 if (skb->len > mtu) {
490 dst_release(&rt->dst);
491 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
492 IP_VS_DBG_RL_PKT(0, pp, skb, 0,
493 "ip_vs_nat_xmit_v6(): frag needed for");
497 /* copy-on-write the packet before mangling it */
498 if (!skb_make_writable(skb, sizeof(struct ipv6hdr)))
501 if (skb_cow(skb, rt->dst.dev->hard_header_len))
506 skb_dst_set(skb, &rt->dst);
508 /* mangle the packet */
509 if (pp->dnat_handler && !pp->dnat_handler(skb, pp, cp))
511 ipv6_hdr(skb)->daddr = cp->daddr.in6;
513 IP_VS_DBG_PKT(10, pp, skb, 0, "After DNAT");
515 ip_vs_update_conntrack(skb, cp, 1);
517 /* FIXME: when application helper enlarges the packet and the length
518 is larger than the MTU of outgoing device, there will be still
521 /* Another hack: avoid icmp_send in ip_fragment */
524 IP_VS_XMIT(NFPROTO_IPV6, skb, rt);
530 dst_link_failure(skb);
536 dst_release(&rt->dst);
543 * IP Tunneling transmitter
545 * This function encapsulates the packet in a new IP packet, its
546 * destination will be set to cp->daddr. Most code of this function
547 * is taken from ipip.c.
549 * It is used in VS/TUN cluster. The load balancer selects a real
550 * server from a cluster based on a scheduling algorithm,
551 * encapsulates the request packet and forwards it to the selected
552 * server. For example, all real servers are configured with
553 * "ifconfig tunl0 <Virtual IP Address> up". When the server receives
554 * the encapsulated packet, it will decapsulate the packet, processe
555 * the request and return the response packets directly to the client
556 * without passing the load balancer. This can greatly increase the
557 * scalability of virtual server.
559 * Used for ANY protocol
562 ip_vs_tunnel_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
563 struct ip_vs_protocol *pp)
565 struct rtable *rt; /* Route to the other host */
566 struct net_device *tdev; /* Device to other host */
567 struct iphdr *old_iph = ip_hdr(skb);
568 u8 tos = old_iph->tos;
569 __be16 df = old_iph->frag_off;
570 sk_buff_data_t old_transport_header = skb->transport_header;
571 struct iphdr *iph; /* Our new IP header */
572 unsigned int max_headroom; /* The extra header space needed */
577 if (skb->protocol != htons(ETH_P_IP)) {
578 IP_VS_DBG_RL("%s(): protocol error, "
579 "ETH_P_IP: %d, skb protocol: %d\n",
580 __func__, htons(ETH_P_IP), skb->protocol);
584 if (!(rt = __ip_vs_get_out_rt(cp, RT_TOS(tos))))
589 mtu = dst_mtu(&rt->dst) - sizeof(struct iphdr);
592 IP_VS_DBG_RL("%s(): mtu less than 68\n", __func__);
596 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), mtu);
598 df |= (old_iph->frag_off & htons(IP_DF));
600 if ((old_iph->frag_off & htons(IP_DF))
601 && mtu < ntohs(old_iph->tot_len)) {
602 icmp_send(skb, ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED, htonl(mtu));
604 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
609 * Okay, now see if we can stuff it in the buffer as-is.
611 max_headroom = LL_RESERVED_SPACE(tdev) + sizeof(struct iphdr);
613 if (skb_headroom(skb) < max_headroom
614 || skb_cloned(skb) || skb_shared(skb)) {
615 struct sk_buff *new_skb =
616 skb_realloc_headroom(skb, max_headroom);
620 IP_VS_ERR_RL("%s(): no memory\n", __func__);
625 old_iph = ip_hdr(skb);
628 skb->transport_header = old_transport_header;
630 /* fix old IP header checksum */
631 ip_send_check(old_iph);
633 skb_push(skb, sizeof(struct iphdr));
634 skb_reset_network_header(skb);
635 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
639 skb_dst_set(skb, &rt->dst);
642 * Push down and install the IPIP header.
646 iph->ihl = sizeof(struct iphdr)>>2;
648 iph->protocol = IPPROTO_IPIP;
650 iph->daddr = rt->rt_dst;
651 iph->saddr = rt->rt_src;
652 iph->ttl = old_iph->ttl;
653 ip_select_ident(iph, &rt->dst, NULL);
655 /* Another hack: avoid icmp_send in ip_fragment */
665 dst_link_failure(skb);
672 #ifdef CONFIG_IP_VS_IPV6
674 ip_vs_tunnel_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
675 struct ip_vs_protocol *pp)
677 struct rt6_info *rt; /* Route to the other host */
678 struct net_device *tdev; /* Device to other host */
679 struct ipv6hdr *old_iph = ipv6_hdr(skb);
680 sk_buff_data_t old_transport_header = skb->transport_header;
681 struct ipv6hdr *iph; /* Our new IP header */
682 unsigned int max_headroom; /* The extra header space needed */
687 if (skb->protocol != htons(ETH_P_IPV6)) {
688 IP_VS_DBG_RL("%s(): protocol error, "
689 "ETH_P_IPV6: %d, skb protocol: %d\n",
690 __func__, htons(ETH_P_IPV6), skb->protocol);
694 rt = __ip_vs_get_out_rt_v6(cp);
700 mtu = dst_mtu(&rt->dst) - sizeof(struct ipv6hdr);
701 /* TODO IPv6: do we need this check in IPv6? */
703 dst_release(&rt->dst);
704 IP_VS_DBG_RL("%s(): mtu less than 1280\n", __func__);
708 skb_dst(skb)->ops->update_pmtu(skb_dst(skb), mtu);
710 if (mtu < ntohs(old_iph->payload_len) + sizeof(struct ipv6hdr)) {
711 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
712 dst_release(&rt->dst);
713 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
718 * Okay, now see if we can stuff it in the buffer as-is.
720 max_headroom = LL_RESERVED_SPACE(tdev) + sizeof(struct ipv6hdr);
722 if (skb_headroom(skb) < max_headroom
723 || skb_cloned(skb) || skb_shared(skb)) {
724 struct sk_buff *new_skb =
725 skb_realloc_headroom(skb, max_headroom);
727 dst_release(&rt->dst);
729 IP_VS_ERR_RL("%s(): no memory\n", __func__);
734 old_iph = ipv6_hdr(skb);
737 skb->transport_header = old_transport_header;
739 skb_push(skb, sizeof(struct ipv6hdr));
740 skb_reset_network_header(skb);
741 memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
745 skb_dst_set(skb, &rt->dst);
748 * Push down and install the IPIP header.
752 iph->nexthdr = IPPROTO_IPV6;
753 iph->payload_len = old_iph->payload_len;
754 be16_add_cpu(&iph->payload_len, sizeof(*old_iph));
755 iph->priority = old_iph->priority;
756 memset(&iph->flow_lbl, 0, sizeof(iph->flow_lbl));
757 iph->daddr = rt->rt6i_dst.addr;
758 iph->saddr = cp->vaddr.in6; /* rt->rt6i_src.addr; */
759 iph->hop_limit = old_iph->hop_limit;
761 /* Another hack: avoid icmp_send in ip_fragment */
771 dst_link_failure(skb);
781 * Direct Routing transmitter
782 * Used for ANY protocol
785 ip_vs_dr_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
786 struct ip_vs_protocol *pp)
788 struct rtable *rt; /* Route to the other host */
789 struct iphdr *iph = ip_hdr(skb);
794 if (!(rt = __ip_vs_get_out_rt(cp, RT_TOS(iph->tos))))
798 mtu = dst_mtu(&rt->dst);
799 if ((iph->frag_off & htons(IP_DF)) && skb->len > mtu) {
800 icmp_send(skb, ICMP_DEST_UNREACH,ICMP_FRAG_NEEDED, htonl(mtu));
802 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
807 * Call ip_send_check because we are not sure it is called
808 * after ip_defrag. Is copy-on-write needed?
810 if (unlikely((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL)) {
814 ip_send_check(ip_hdr(skb));
818 skb_dst_set(skb, &rt->dst);
820 /* Another hack: avoid icmp_send in ip_fragment */
823 IP_VS_XMIT(NFPROTO_IPV4, skb, rt);
829 dst_link_failure(skb);
836 #ifdef CONFIG_IP_VS_IPV6
838 ip_vs_dr_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
839 struct ip_vs_protocol *pp)
841 struct rt6_info *rt; /* Route to the other host */
846 rt = __ip_vs_get_out_rt_v6(cp);
851 mtu = dst_mtu(&rt->dst);
852 if (skb->len > mtu) {
853 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
854 dst_release(&rt->dst);
855 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
860 * Call ip_send_check because we are not sure it is called
861 * after ip_defrag. Is copy-on-write needed?
863 skb = skb_share_check(skb, GFP_ATOMIC);
864 if (unlikely(skb == NULL)) {
865 dst_release(&rt->dst);
871 skb_dst_set(skb, &rt->dst);
873 /* Another hack: avoid icmp_send in ip_fragment */
876 IP_VS_XMIT(NFPROTO_IPV6, skb, rt);
882 dst_link_failure(skb);
892 * ICMP packet transmitter
893 * called by the ip_vs_in_icmp
896 ip_vs_icmp_xmit(struct sk_buff *skb, struct ip_vs_conn *cp,
897 struct ip_vs_protocol *pp, int offset)
899 struct rtable *rt; /* Route to the other host */
905 /* The ICMP packet for VS/TUN, VS/DR and LOCALNODE will be
906 forwarded directly here, because there is no need to
907 translate address/port back */
908 if (IP_VS_FWD_METHOD(cp) != IP_VS_CONN_F_MASQ) {
910 rc = cp->packet_xmit(skb, cp, pp);
913 /* do not touch skb anymore */
914 atomic_inc(&cp->in_pkts);
919 * mangle and send the packet here (only for VS/NAT)
922 if (!(rt = __ip_vs_get_out_rt(cp, RT_TOS(ip_hdr(skb)->tos))))
926 mtu = dst_mtu(&rt->dst);
927 if ((skb->len > mtu) && (ip_hdr(skb)->frag_off & htons(IP_DF))) {
929 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu));
930 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
934 /* copy-on-write the packet before mangling it */
935 if (!skb_make_writable(skb, offset))
938 if (skb_cow(skb, rt->dst.dev->hard_header_len))
941 /* drop the old route when skb is not shared */
943 skb_dst_set(skb, &rt->dst);
945 ip_vs_nat_icmp(skb, pp, cp, 0);
947 /* Another hack: avoid icmp_send in ip_fragment */
950 IP_VS_XMIT(NFPROTO_IPV4, skb, rt);
956 dst_link_failure(skb);
968 #ifdef CONFIG_IP_VS_IPV6
970 ip_vs_icmp_xmit_v6(struct sk_buff *skb, struct ip_vs_conn *cp,
971 struct ip_vs_protocol *pp, int offset)
973 struct rt6_info *rt; /* Route to the other host */
979 /* The ICMP packet for VS/TUN, VS/DR and LOCALNODE will be
980 forwarded directly here, because there is no need to
981 translate address/port back */
982 if (IP_VS_FWD_METHOD(cp) != IP_VS_CONN_F_MASQ) {
984 rc = cp->packet_xmit(skb, cp, pp);
987 /* do not touch skb anymore */
988 atomic_inc(&cp->in_pkts);
993 * mangle and send the packet here (only for VS/NAT)
996 rt = __ip_vs_get_out_rt_v6(cp);
1001 mtu = dst_mtu(&rt->dst);
1002 if (skb->len > mtu) {
1003 dst_release(&rt->dst);
1004 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
1005 IP_VS_DBG_RL("%s(): frag needed\n", __func__);
1009 /* copy-on-write the packet before mangling it */
1010 if (!skb_make_writable(skb, offset))
1013 if (skb_cow(skb, rt->dst.dev->hard_header_len))
1016 /* drop the old route when skb is not shared */
1018 skb_dst_set(skb, &rt->dst);
1020 ip_vs_nat_icmp_v6(skb, pp, cp, 0);
1022 /* Another hack: avoid icmp_send in ip_fragment */
1025 IP_VS_XMIT(NFPROTO_IPV6, skb, rt);
1031 dst_link_failure(skb);
1039 dst_release(&rt->dst);
git://bbs.cooldavid.org / net-next-2.6.git / blob