From 7d0d8ed6816816cf1193aee9147a1cf5bb45ddb3 Mon Sep 17 00:00:00 2001
From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Thu, 2 Mar 2023 15:04:33 +0100
Subject: [PATCH] dnsdist: Punt fragmented UDP dgrams to the kernel in
 xdp-filter

---
 contrib/xdp-filter.ebpf.src | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/contrib/xdp-filter.ebpf.src b/contrib/xdp-filter.ebpf.src
index 8de35a0445..786d9d75a3 100644
--- a/contrib/xdp-filter.ebpf.src
+++ b/contrib/xdp-filter.ebpf.src
@@ -195,6 +195,14 @@ static inline enum xdp_action parseIPV4(struct xdp_md* ctx, struct cursor* c)
     goto res;
   }
 
+  // ignore the DF flag
+  const uint16_t fragMask = htons(~(1 << 14));
+  uint16_t frag = ipv4->frag_off & fragMask;
+  if (frag != 0) {
+    // MF flag is set, or Fragment Offset is != 0
+    return XDP_PASS;
+  }
+
   if (dns) {
     value = check_qname(c);
   }
-- 
2.47.3