| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160520103939.723f2a42@griffin> Date: Fri, 20 May 2016 10:39:39 +0200 From: Jiri Benc <jbenc@...hat.com> To: Simon Horman <simon.horman@...ronome.com> Cc: netdev@...r.kernel.org, dev@...nvswitch.org, Lorand Jakab <lojakab@...co.com>, Thomas Morin <thomas.morin@...nge.com> Subject: Re: [PATCH v9 net-next 4/7] openvswitch: add layer 3 flow/port support On Fri, 20 May 2016 17:16:13 +0900, Simon Horman wrote: > My understanding is that currently OvS handles access ports using a > push_vlan action. When needed (i.e. when the packet goes to a non-access port), yes. > And that this patch set in conjunction with its > user-space counterpart should ensure that a push_eth action occurs first. > This is the context of my remarks above. Okay, works for me principally. If it's later found insufficient, relaxing push_vlan and pop_vlan to work also for L3 frames is still easily possible without breaking compatibility. Out of curiosity (and without looking at the user space patchset), what will the pushed Ethernet header contain? E.g., consider the following scenario: two GRE ports, both set as access ports with the same tag, and a mirror port mirroring everything. Now an IP packet without inner Ethernet header is received on one of the GRE interfaces. Will the packet be output to the second GRE port? Will it be sent out without the inner Ethernet header? Are custom rules necessary, or will NORMAL take care of this? What will be sent to the mirror port? Thanks! Jiri
Powered by blists - more mailing lists