lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 26 Aug 2020 01:45:14 +0200
From:   Ahmed Abdelsalam <ahabdels@...il.com>
To:     David Ahern <dsahern@...il.com>,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        Alexey Kuznetsov <kuznet@....inr.ac.ru>,
        Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
        Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Cc:     andrea.mayer@...roma2.it
Subject: Re: [net-next v5 1/2] seg6: inherit DSCP of inner IPv4 packets

On 25/08/2020 18:45, David Ahern wrote:
> On 8/25/20 10:02 AM, Ahmed Abdelsalam wrote:
>> This patch allows SRv6 encapsulation to inherit the DSCP value of
>> the inner IPv4 packet.
>>
>> This allows forwarding packet across the SRv6 fabric based on their
>> original traffic class.
>>
>> The option is controlled through a sysctl (seg6_inherit_inner_ipv4_dscp).
>> The sysctl has to be set to 1 to enable this feature.
>>
> 
> rather than adding another sysctl, can this be done as a SEG6_LOCAL
> attribute and managed via seg6_local_lwt?
> 

Hi David

The seg6 encap is implemented through the seg6_lwt rather than 
seg6_local_lwt.
We can add a flag(SEG6_IPTUNNEL_DSCP) in seg6_iptunnel.h if we do not 
want to go the sysctl direction.
Perhaps this would require various changes to seg6 infrastructure 
including seg6_iptunnel_policy, seg6_build_state, fill_encap, 
get_encap_size, etc.

We have proposed a patch before to support optional parameters for SRv6 
behaviors [1].
Unfortunately, this patch was rejected.

So i do not know which option is better.

[1] 
https://patchwork.ozlabs.org/project/netdev/patch/20200319183641.29608-1-andrea.mayer@uniroma2.it/

Ahmed

Powered by blists - more mailing lists