[mpls-linux-general] iptables and label space

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi James,
           i'm reading ma/iling list about MPLS for Linux and =
i've found a mail
that i've not understood  Antonio Mancuso 11/
=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
 Hell=
o,
 on my test network I noticed a strange bahaviour
 regarding MPLS tr=
affic.

 Here my problem:

 Host A: 192.168.10.10   ------------>  =
  Host B: 192.168.10.20

 On host A:
 - mplsadm2 -A -O 0
   Key: =
0x00000385
   Out Segment add: Success

 - mplsadm2 -O 0x385 -o push:=
gen:170:set:tap0:ipv4:192.168.10.20
   Out Instr: Success

 - more /p=
roc/net/mpls_out
   0x00000385 0/0/0 1 PUSH(gen 170) SET(tap0,192.168.10=
.20)

 Now if I do, from A: ping 192.168.10.20 on B I receive normal e=
thernet packet
 and that"s fine.

 - iptables -t mangle -A OUTPUT -d =
192.168.10.20 -j MPLS --set-key 0x385

 Now, as expected, on B I recei=
ve MPLS packet marked with 170 as label.
 - more /proc/net/mpls_out
   =
0x00000385 70/5880/0 2 PUSH(gen 170) SET(tap0,192.168.10.20)

 Now If =
I remove the iptables entry in this way:
 - iptables -t mangle -D OUTPUT=
 -d 192.168.10.20 -j MPLS --set-key 0x385

 on host B I still receive =
MPLS packet marked with 170 as label
 and

 - more /proc/net/mpls_out=

   0x00000385 183/15372/0 2 PUSH(gen 170) SET(tap0,192.168.10.20)
 =0D
=
 the counter continue to go up.

 So, do you think this is a right =
behaviour?
 If yes, how can I stop host A to sending MPLS packets withou=
t removing the
 mpls key in /proc/net/mpls_out, but just acting on iptab=
les?

Which is the problem? Also if he removes the rules there is outgo=
ing lable space
with label 170 setted yet. For me it is normal that host=
 B receives packets with
MPLS header, isn't it? Could you explain me why=
?
Thanks in advance for the help=0A=0A=0A=0A____________________________=
________________________________=0ALibero ADSL: navighi gratis a 1.2 Mega=
, senza canone e costi di attivazione. =0AAbbonati subito su http://www.l=
ibero.it =0A