lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 15 May 2013 15:01:33 -0700
From:	Stephen Hemminger <stephen@...workplumber.org>
To:	Sridhar Samudrala <samudrala.sridhar@...il.com>
Cc:	David Miller <davem@...emloft.net>, dlstevens@...ibm.com,
	amwang@...hat.com, netdev@...r.kernel.org,
	netdev-owner@...r.kernel.org
Subject: Re: [PATCH] vxlan: force user to set port value

On Wed, 15 May 2013 14:57:54 -0700
Sridhar Samudrala <samudrala.sridhar@...il.com> wrote:

> On 5/15/2013 1:48 PM, Stephen Hemminger wrote:
> > This change shifts burden onto the users to choose the UDP port value.
> > There is no default value, the destination port must be specified.
> >
> > This is a migration compromise. The initial development of VXLAN
> > used UDP port 5287 but now there is an official assigned port for
> The original and current kernel default is 8472.
> > VXLAN.  The kernel can't change because of legacy compatibility
> > but new deployments should not use the legacy port value.
> >
> > ---
> >   ip/iplink_vxlan.c |   13 ++++++++++++-
> >   1 file changed, 12 insertions(+), 1 deletion(-)
> >
> > diff --git a/ip/iplink_vxlan.c b/ip/iplink_vxlan.c
> > index 2d93ee2..263feca 100644
> > --- a/ip/iplink_vxlan.c
> > +++ b/ip/iplink_vxlan.c
> > @@ -53,7 +53,8 @@ static int vxlan_parse_opt(struct link_util *lu, int argc, char **argv,
> >   	__u8 noage = 0;
> >   	__u32 age = 0;
> >   	__u32 maxaddr = 0;
> > -	__u16 dstport = 4789;
> > +	__u16 dstport = 0;
> > +	int dst_port_set = 0;
> >   	struct ifla_vxlan_port_range range = { 0, 0 };
> >   
> >   	while (argc > 0) {
> > @@ -131,6 +132,7 @@ static int vxlan_parse_opt(struct link_util *lu, int argc, char **argv,
> >   			NEXT_ARG();
> >   			if (get_u16(&dstport, *argv, 0))
> >   				invarg("dst port", *argv);
> > +			dst_port_set = 1;
> >   		} else if (!matches(*argv, "nolearning")) {
> >   			learning = 0;
> >   		} else if (!matches(*argv, "learning")) {
> > @@ -161,10 +163,18 @@ static int vxlan_parse_opt(struct link_util *lu, int argc, char **argv,
> >   		}
> >   		argc--, argv++;
> >   	}
> > +
> >   	if (!vni_set) {
> >   		fprintf(stderr, "vxlan: missing virtual network identifier\n");
> >   		return -1;
> >   	}
> > +
> > +	if (!dst_port_set) {
> > +		fprintf(stderr, "vxlan: destination port not specified\n"
> > +			"Use 'dstport 4789' to get the IANA assigned value\n");
> > +		return -1;
> > +	}
> Just setting the dstport 4789 is not enough. The user has to make sure 
> that the
> vxlan module is loaded with a module  parameter 'udp_port' set to 4789.

With this (and other fix) the kernel parameter is irrelevant.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists