I am new to ebpf and I am trying to implement an Cilium ebpf-based load balancer. The function is to redirect 3-layer packet from eth0(172.126.1.0/24) to eth1(172.126.2.0/24, where my backends in).
The key lines of my code is:
__u32 *client_proxy_ip = bpf_map_lookup_elem(&client_to_proxy, &iph->saddr); // get backend ip
unsigned char (*proxyMAC)[6] = bpf_map_lookup_elem(&proxy_info, client_proxy_ip); // get backend proxy
iph->daddr = bpf_htonl(*client_proxy_ip); // modify ip dst
unsigned char lb_eth1[6]={0x02,0x42,0xac,0x7e,0x02,0x9f}; // lb eth1 mac
memcpy(eth->h_source, lb_eth1, ETH_ALEN); // modify source mac from source mac to eth1 mac
memcpy(eth->h_dest, *proxyMAC, ETH_ALEN); // modify destination mac from lb eth0 mac to backend mac
iph->ttl--; // modify ttl
iph->check = 0;
iph->check = ip_checksum((__u16 *)iph, sizeof(struct iphdr)); // update ip header checksum
return bpf_redirect(out_index, 0);
Then I use scapy to create a simple TCP packet in Python, but I use ifconfig then I see:
eth0 : TX packets 1 dropped 0eth1 : TX packets 0 dropped 1
If I comment the above logic, no packets will be dropped. In addition, I cannot use tcpdump to capture any desired packets. Is there any mistakes I am making?