lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Fri, 3 Jan 2014 15:27:19 +0100
From:	Andreas Hartmann <>
Subject: Strange problem with vxlan!

Given is the following network architecture: connection of a virtual bridge br0 and a remote ethernet-switch through vxlan tunnel via WLAN:

host 			[br0: tap0,vxlan0]
    				|    ||
				|    ===========
				|	      ||
				|	      ||
VM (WLAN access point)	[br0: eth0, wlan0]    ||
				      |	      ||
				      |	      ||
			  -------------	      ||
			  |		      ||
STA			[wlan0, br0: eth0, vxlan0]
notebook [eth0]

The configuration of the vxlan is:

host: route add -net netmask dev br0
      ip li add vxlan0 type vxlan id 1 group dev br0

STA:  route add -net netmask dev wlan0
      ip li add vxlan0 type vxlan id 1 group dev wlan0

This means: the endpoints of the vxlan tunnel are br0 (host) and STA (wlan0). 
Between them, there is the WLAN AP (a VM belonging to the host).

Now the problem:

If the VM (=AP) runs e.g. Linux 3.4.x, all is working fine as expected. 
If the VM runs 3.12.x or even 3.10.x, the tunnel works fine a few minutes after creation. Afterwards it is broken.

Broken means:
A "dhcpcd eth0" e.g. on the notebook times out, doesn't work any more. Traces show:
The udp-tunnel-packages sent by the STA through vxlan0 can be seen on the host / tap0, but they can't be seen on vxlan0 (if it works, they can be seen on the vxlan0 device, too).

On the host runs Linux 3.10.x, on the STA 3.11.6.

Any idea why vxlan is broken w/ Linux 3.12.x or 3.10.x on the VM (AP)?

Thanks in advance for any hint,
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists