[dhcp-relay]: Prevent Buffer Overrun Of Malformed DHCP Packet
The add/strip relay agent options does not take into account the buffer
length and so it is possible to overrun the buffer. The issue will
result in contents from previous packet being added to the current one.
signed-off-by: Tamer Ahmed <tamer.ahmed@microsoft.com>
Patch isc-dhcp-relay in order to allow the relay agent to discover configured interfaces even if they are down.
Without this patch, the relay agent will not discover configured interfaces if they are down when the relay agent starts up. If the interface(s) then get brought up after the relay started, the relay will discard packets received on these interfaces and log the message, Discarding packet received on <iface_name> interface that has no IPv4 address assigned. This led to race conditions when starting SONiC (or loading configuration). To resolve this, the relay agent would need to be restarted with all configured interfaces up.
With this patch, the relay agent will discover all configured interfaces, whether or not they are up at the time the relay agent starts. Thus, the state of the configured interfaces can be down when the relay agent starts and brought up during the lifetime of the relay agent process, and the relay agent will relay packets as expected; it will not discard them.
ARM Architecture support in SONIC
make configure platform=[ASIC_VENDOR_ARCH] PLATFORM_ARCH=[ARM_ARCH]
SONIC_ARCH: default amd64
armhf - arm32bit
arm64 - arm64bit
Signed-off-by: Antony Rheneus <arheneus@marvell.com>
* Base DHCP relay Docker image on Strech base Docker
* Change URL for isc-dhcp source repository
* Upgrade isc-dhcp source branch to 4.3.5-3.1
* Update patch #0001 to apply to isc-dhcp 4.3.5-3.1
* Update patch #0002 to apply to isc-dhcp 4.3.5-3.1
* Update patch #0003 to apply to isc-dhcp 4.3.5-3.1
* Update patch #0004 to apply to isc-dhcp 4.3.5-3.1
* Remove security patches, as they are now applied as part of 4.3.5-3.1 source
* Reorder patches to apply bug fix first, then features
* Extend makefile to build debug Docker image
* Update commit that series file applies against
This reverts commit 64602ad5b2.
Reverting this commit because the root cause of the issue was due to
a Broadcom SDK bug which caused VLAN-tagged packets to be tagged twice.
When packets were double-tagged, only one tag was getting stripped before
the packet was trapped to the CPU. However, the second tag was left behind,
which would cause the DHCP relay agent to ignore the packet. The bug has
since been fixed, so now all VLAN-tagged packets should properly have their
tag removed before being trapped to the CPU. Therefore the DHCP relay
agent should never encounter a VLAN-tagged packet.
* [DHCP relay]: Fix bug which could cause incorrect interface name association
* Add patches to series file and apply using stgit
* Update .gitignore in order to ignore downloaded and generated files
* Reorganize src/ subdirectories alphabetically in .gitignore
