| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 Feb 2016 16:37:50 -0500 (EST) From: David Miller <davem@...emloft.net> To: tom@...bertland.com Cc: tgraf@...g.ch, pabeni@...hat.com, jbenc@...hat.com, pshelar@...ira.com, jesse@...nel.org, netdev@...r.kernel.org Subject: Re: [PATCH net-next] lwt: fix rx checksum setting for lwt devices tunneling over ipv6 From: Tom Herbert <tom@...bertland.com> Date: Tue, 16 Feb 2016 13:31:34 -0800 > On Feb 16, 2016 12:53 PM, "David Miller" <davem@...emloft.net> wrote: >> And practically speaking we disappear from the internet for VXLAN tunnel >> endpoints implementing the VXLAN spec properly. >> >> That's not going to help anyone at all. > > A lot of effort has gone into defining the constraints for using zero udp6 > csum (look at Rfc6935 and rfc6936). Just because Cisco unilaterally decided > the csum is a nuisance, doesn't mean it can be ignored. No udp6 csum > increases chance of misdelivery, which in multitenant nv is really bad. People who review RFCs had ample opportunity to review the VXLAN RFC and find this issue and fix it. It slipped through and now we are stuck with it, just like we are stuck with bad user facing kernel APIs. Objecting now and voicing our objection by breaking interoperability serves no useful purpose whatsoever.
Powered by blists - more mailing lists