lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Z6IhJZR8JacO8oHk@shredder>
Date: Tue, 4 Feb 2025 16:16:05 +0200
From: Ido Schimmel <idosch@...sch.org>
To: Ted Chen <znscnchen@...il.com>
Cc: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
	pabeni@...hat.com, andrew+netdev@...n.ch, netdev@...r.kernel.org
Subject: Re: [PATCH RFC net-next 1/3] vxlan: vxlan_vs_find_vni(): Find
 vxlan_dev according to vni and remote_ip

On Tue, Feb 04, 2025 at 09:09:02PM +0800, Ted Chen wrote:
> I didn't see target addresses were appended into the FDB when an unicast
> remote_ip had been configured.
> 
> e.g.
> Usually when (2)(3) are invoked, (1) is not called to configure a unicast
> remote_ip to the VTEP (though it's allowed to call (1)).
> 
> (1) ip link add vxlan42 type vxlan id 42 \
>                 local 10.0.0.1 remote 10.0.0.2 dstport 4789
> (2) bridge fdb append to 00:00:00:00:00:00 dst 10.0.0.3 dev vxlan42
> (3) bridge fdb append to 00:00:00:00:00:00 dst 10.0.0.4 dev vxlan42
> 
> So, this patch just leverages the case when remote_ip is configured in the
> VTEP to stand for P2P.
> 
> Do you think there's a better way to identify P2P more precisely?

I think it will require a new uAPI (e.g., a new VXLAN netlink attribute)
as it's a behavior change, but I really prefer not to go there when the
problem can be solved in other ways (e.g., the tc solution I mentioned
or using multiple VNIs).

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ