lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20170414103830.111a24a8@xeon-e3>
Date:   Fri, 14 Apr 2017 10:38:30 -0700
From:   Stephen Hemminger <stephen@...workplumber.org>
To:     Matthias Schiffer <mschiffer@...verse-factory.net>
Cc:     davem@...emloft.net, jbenc@...hat.com, hannes@...essinduktion.org,
        pshelar@....org, aduyck@...antis.com, roopa@...ulusnetworks.com,
        netdev@...r.kernel.org, dev@...nvswitch.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next v2 6/6] vxlan: allow multiple VXLANs with same
 VNI for IPv6 link-local addresses

On Fri, 14 Apr 2017 18:44:46 +0200
Matthias Schiffer <mschiffer@...verse-factory.net> wrote:

> As link-local addresses are only valid for a single interface, we can allow
> to use the same VNI for multiple independent VXLANs, as long as the used
> interfaces are distinct. This way, VXLANs can always be used as a drop-in
> replacement for VLANs with greater ID space.
> 
> This also extends VNI lookup to respect the ifindex when link-local IPv6
> addresses are used, so using the same VNI on multiple interfaces can
> actually work.
> 
> Signed-off-by: Matthias Schiffer <mschiffer@...verse-factory.net>

Why does this have to be IPv6 specific?

What about the case where VXLAN is not bound to an interface?
If that is used then that could be a problem.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ