The VXLAN related rule cleanup routine queries and gathers all existing local IP and neigh rules into buffer list. One buffer may contain multiple rule deletetion commands and is prepared to send into Netlink as single message. But, if error occurs for some deletion commands in the buffer, the multiple ACK message with errors can be send back by the kernel. It breaks the Netlink communication sequence numbers, because we expect only one ACK message and it smashes out futher Netlik communication.
The workaround of this problem is to send rule deletion commands from buffer in one-by-one fashion and get ACK message for every command sent. We do not expect too may rules preexist, so there should not be critical performance degradation at VXLAN outer interface initialization. Viacheslav Ovsiienko (3): net/mlx5: fix buffer allocation check in rule cleanup net/mlx5: add Netlink message size check in rule cleanup net/mlx5: fix rule cleanup Netlink command sending drivers/net/mlx5/mlx5_flow_tcf.c | 93 +++++++++++++++++++--------------------- 1 file changed, 45 insertions(+), 48 deletions(-) -- 1.8.3.1
