lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 22 Aug 2017 14:29:42 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     u9012063@...il.com
Cc:     netdev@...r.kernel.org, mvohra@...are.com, kuznet@....inr.ac.ru,
        yoshfuji@...ux-ipv6.org
Subject: Re: [PATCHv4 net-next] gre: introduce native tunnel support for
 ERSPAN

From: William Tu <u9012063@...il.com>
Date: Tue, 22 Aug 2017 09:40:28 -0700

> The patch adds ERSPAN type II tunnel support.  The implementation
> is based on the draft at [1].  One of the purposes is for Linux
> box to be able to receive ERSPAN monitoring traffic sent from
> the Cisco switch, by creating a ERSPAN tunnel device.
> In addition, the patch also adds ERSPAN TX, so Linux virtual
> switch can redirect monitored traffic to the ERSPAN tunnel device.
> The traffic will be encapsulated into ERSPAN and sent out.
> 
> The implementation reuses tunnel key as ERSPAN session ID, and
> field 'erspan' as ERSPAN Index fields:
> ./ip link add dev ers11 type erspan seq key 100 erspan 123 \
> 			local 172.16.1.200 remote 172.16.1.100
> 
> To use the above device as ERSPAN receiver, configure
> Nexus 5000 switch as below:
> 
> monitor session 100 type erspan-source
>   erspan-id 123
>   vrf default
>   destination ip 172.16.1.200
>   source interface Ethernet1/11 both
>   source interface Ethernet1/12 both
>   no shut
> monitor erspan origin ip-address 172.16.1.100 global
> 
> [1] https://tools.ietf.org/html/draft-foschiano-erspan-01
> [2] iproute2 patch: http://marc.info/?l=linux-netdev&m=150306086924951&w=2
> [3] test script: http://marc.info/?l=linux-netdev&m=150231021807304&w=2
> 
> Signed-off-by: William Tu <u9012063@...il.com>
> Signed-off-by: Meenakshi Vohra <mvohra@...are.com>

Applied, thank you.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ