Reply IP packets lost when using eBPF and AF_XDP --- where do they go?

I have an eBPF/AF_XDP test case which is supposed to take incoming ethernet packets from an interface, send them to user-space using an AF_XDP socket, filter them according to some criterion (for the moment I am accepting all packets), and send them into the Linux kernel for regular network stack processing using a tun/tap 'tun' interface.

To get the test case to go, you have to copy the xsk_def_xdp_prog.c file over the matching file in xdp-tools (xdp-tools/lib/libxdp/xsk_def_xdp_prog.c), and rebuild and install libxdp.

Most inbound packets should generate a reply, e.g. an incoming ICMP ping request should generate an ICMP ping response, and an incoming tcp SYN request for an ssh session should generate a tcp ACK packet if there is an sshd running. 'tcpdump' on the tun interface confirms that the packets are arriving there.

However, I don't see any response packets. I was expecting the response packets to go from the kernel network stack to the eth device where the eBPF program for ingress is running; but 'tcpdump' does not show anything there and neither the 'ping' nor the 'ssh' gets any response on the client machine.

I thought the packets might be going to the tun interface, but this does not appear to be the case either.

Can anyone tell me where the packets are going to and how to trace them?

It doesn't appear that 'iptables' is discarding them; I tried 'iptables -P FORWARD ACCEPT' and 'iptables -F FORWARD' with no effect, and now 'iptables -L' shows

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Also, all the 'forwarding' controls under /proc/sys/net/ipv4 are set to 1, so it is not a problem with disabled forwarding.

I am using Ubuntu 22.04 with 5.15.0-48-generic kernel.

What is the role of the device that is running this `XDP` program? Is it also the destination of the traffic? Or should the device forward the traffic somewhere? Please add IP addresses of the devices and the exact commands / responses used.
Chris Ward:
This device is trying to filter inbound packets according to rules of allowed source IPs and ports, and destination ports (the destination IP will be 'this box'). The idea is to eventually use it in a Kubernetes system, but I am doing early research at the moment. The first (SYN) packet of a TCP stream should be sent to user space, processed, and then if appropriate fed to the kernel with tun. The reply (SYN-ACK) should go from the kernel to the eth device, and this is what is getting lost. I have a client box on IP 10.1.0.9 and this box as a server on 10.1.0.10. I am using 'ssh' to test.
Chris Ward:
https://github.com/tjcw/xdp-tutorial/tree/master/ebpf-filter-snapshot-315 has the test case; you need to copy the xsk_def_xdp_prog.c file over the matching file in xdp-tools (xdp-tools/lib/libxdp/xsk_def_xdp_prog.c), and rebuild and install libxdp.
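The user-space step described in the question and in the comment above (take the frame from the AF_XDP socket, allow-list by source IP and destination port, pass the opening SYN on to the kernel through the tun device) as an added example. This is not code from the linked xdp-tutorial fork or from libxdp; the frame is constructed inline with the addresses given in the comment (10.1.0.9 client, 10.1.0.10 server, ssh), and the policy struct, function names and port numbers are assumptions for illustration. It shows the parsing with every bounds check ahead of the field it guards, and it emits the bare IPv4 packet, which is what a 'tun' device opened with IFF_TUN | IFF_NO_PI takes on write(); a 'tap' device would take the whole Ethernet frame instead.

```c
/* Added example (not the question's own code): user-space AF_XDP filter stage
 * that hands the opening SYN of an allowed flow to a 'tun' device. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define ETH_HLEN       14
#define ETHERTYPE_IPV4 0x0800
#define IP_PROTO_TCP   6
#define TCP_SYN        0x02
#define TCP_ACK        0x10

enum verdict { VERDICT_DROP = 0, VERDICT_PASS = 1 };

struct policy {                 /* assumed shape of the allow-list */
    uint32_t allowed_src;       /* IPv4 source address, host byte order */
    uint16_t allowed_dport;     /* TCP destination port, host byte order */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void wr32(uint8_t *p, uint32_t v) { wr16(p, (uint16_t)(v >> 16)); wr16(p + 2, (uint16_t)v); }

/* Ones'-complement IPv4 header checksum (RFC 1071); the kernel verifies it on ingress. */
static uint16_t ip_checksum(const uint8_t *hdr, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2) sum += rd16(hdr + i);
    if (len & 1) sum += (uint32_t)hdr[len - 1] << 8;
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Frame lengths on the XDP/AF_XDP path are attacker-controlled, so each length
 * check precedes the read it protects. On PASS the IPv4 packet (no Ethernet
 * header) is copied to out and its length stored in *out_len. */
enum verdict filter_frame(const uint8_t *frame, size_t len, const struct policy *pol,
                          uint8_t *out, size_t out_cap, size_t *out_len)
{
    if (len < ETH_HLEN + 20 || rd16(frame + 12) != ETHERTYPE_IPV4) return VERDICT_DROP;
    const uint8_t *ip = frame + ETH_HLEN;
    size_t avail = len - ETH_HLEN;
    if ((ip[0] >> 4) != 4) return VERDICT_DROP;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    size_t tot = rd16(ip + 2);
    if (ihl < 20 || tot < ihl + 20 || tot > avail) return VERDICT_DROP; /* IP + TCP headers must fit */
    if (ip[9] != IP_PROTO_TCP || rd32(ip + 12) != pol->allowed_src) return VERDICT_DROP;
    const uint8_t *tcp = ip + ihl;
    if (rd16(tcp + 2) != pol->allowed_dport) return VERDICT_DROP;
    if ((tcp[13] & (TCP_SYN | TCP_ACK)) != TCP_SYN) return VERDICT_DROP; /* opening SYN only */
    if (tot > out_cap) return VERDICT_DROP;
    memcpy(out, ip, tot);
    *out_len = tot;
    return VERDICT_PASS;
}

/* Constructed Ethernet/IPv4/TCP frame with no options and no payload: 14 + 20 + 20 bytes. */
size_t build_frame(uint8_t *buf, uint32_t src, uint32_t dst, uint16_t sport, uint16_t dport, uint8_t flags)
{
    memset(buf, 0, ETH_HLEN + 40);
    wr16(buf + 12, ETHERTYPE_IPV4);          /* MACs left zero: the filter never reads them */
    uint8_t *ip = buf + ETH_HLEN;
    ip[0] = 0x45; ip[8] = 64; ip[9] = IP_PROTO_TCP;
    wr16(ip + 2, 40);
    wr32(ip + 12, src); wr32(ip + 16, dst);
    wr16(ip + 10, ip_checksum(ip, 20));
    uint8_t *tcp = ip + 20;
    wr16(tcp, sport); wr16(tcp + 2, dport);
    tcp[12] = 0x50; tcp[13] = flags;         /* data offset 5 words; TCP checksum left zero */
    return ETH_HLEN + 40;
}

/* One case with the question's addresses (10.1.0.9 -> 10.1.0.10, port 22).
 * truncate_to simulates a short frame. Returns the length that would be written
 * to the tun fd on PASS, -1 on DROP. */
int run_case(uint32_t src, uint16_t dport, uint8_t flags, size_t truncate_to)
{
    const struct policy pol = { 0x0A010009u /* 10.1.0.9 */, 22 };
    uint8_t frame[64], out[64];
    size_t len = build_frame(frame, src, 0x0A01000Au /* 10.1.0.10 */, 40000, dport, flags);
    if (truncate_to && truncate_to < len) len = truncate_to;
    size_t out_len = 0;
    if (filter_frame(frame, len, &pol, out, sizeof out, &out_len) != VERDICT_PASS) return -1;
    return (int)out_len;
}

int main(void)
{
    printf("SYN to :22 from 10.1.0.9 -> %d bytes for tun\n", run_case(0x0A010009u, 22, TCP_SYN, 0));
    printf("SYN-ACK from 10.1.0.9   -> %d\n", run_case(0x0A010009u, 22, TCP_SYN | TCP_ACK, 0));
    printf("SYN from 10.1.0.11      -> %d\n", run_case(0x0A01000Bu, 22, TCP_SYN, 0));
    return 0;
}
```

Two things the example makes concrete that matter for a filter in this position. First, the packet handed to the tun device is copied verbatim from the wire, so its IP and TCP checksums are still valid; a filter that rewrites headers must recompute them or the kernel will drop the packet silently. Second, the kernel, not the filter, decides where the SYN-ACK goes: once the SYN has been accepted on the tun interface, the reply is routed by the normal routing table, so it is worth confirming the route to the client and the rp_filter setting on both the tun and the eth interfaces when a reply fails to appear.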