[BPF] make host networked propcesses work with vxlan

Tunnel key is set at the vxlan device as that the the first place where
to set it.

Author: tomastigera

felix/bpf-gpl/fib_co_re.h

@@ -164,6 +164,33 @@ static CALI_BPF_INLINE int forward_or_drop(struct cali_tc_ctx *ctx)
 				goto skip_fib;
 			}
 		}
+	} else if (CALI_F_VXLAN && CALI_F_TO_HEP) {
+		if (!(ctx->skb->mark & CALI_SKB_MARK_SEEN)) {
+			/* packet to vxlan from the host, needs to set tunnel key */
+			struct cali_rt *dest_rt = cali_rt_lookup(&ctx->state->ip_dst);
+			if (dest_rt == NULL) {
+				CALI_DEBUG("No route for " IP_FMT, &ctx->state->ip_dst);
+				goto deny;
+			}
+			if (!cali_rt_is_vxlan(dest_rt)) {
+				CALI_DEBUG("Not a vxlan route for " IP_FMT " at vxlan device", &ctx->state->ip_dst);
+				goto deny;
+			}
+
+			struct bpf_tunnel_key key = {
+				.tunnel_id = 4096,
+				.tunnel_ttl = 16,
+			};
+#ifdef IPVER6
+			ipv6_addr_t_to_be32_4_ip(key.remote_ipv6, &dest_rt->next_hop);
+#else
+			key.remote_ipv4 = bpf_htonl(dest_rt->next_hop);
+#endif
+
+			int err = bpf_skb_set_tunnel_key(
+					ctx->skb, &key, offsetof(struct bpf_tunnel_key, local_ipv4), BPF_F_ZERO_CSUM_TX);
+			CALI_DEBUG("bpf_skb_set_tunnel_key %d", err);
+		}
 	}
 
 #if CALI_FIB_ENABLED

felix/dataplane/linux/bpf_route_mgr.go

@@ -359,7 +359,12 @@ func (m *bpfRouteManager) calculateRoute(cidr ip.CIDR) routes.ValueInterface {
 		}
 	} else if rts&proto.RouteType_REMOTE_TUNNEL == proto.RouteType_REMOTE_TUNNEL {
 		flags |= routes.FlagsRemoteTunneledHost
-		route = m.bpfOps.NewValueWithNextHop(flags, cidr.Addr())
+		switch cgRoute.IpPoolType {
+		case proto.IPPoolType_VXLAN:
+			flags |= routes.FlagVXLAN
+		}
+		nodeIP := net.ParseIP(cgRoute.DstNodeIp)
+		route = m.bpfOps.NewValueWithNextHop(flags, ip.FromNetIP(nodeIP))
 	} else if rts&proto.RouteType_REMOTE_HOST == proto.RouteType_REMOTE_HOST {
 		flags |= routes.FlagsRemoteHost
 		if cgRoute.DstNodeIp == "" {