Sun, Aug 14, 2016 at 07:53:30PM CEST, xiyou.wangc...@gmail.com wrote: >On Sun, Aug 14, 2016 at 7:06 AM, Amir Vadai <a...@vadai.me> wrote: >> tc qdisc add dev $ETH ingress >> >> # ENCAP rule for ARP >> tc filter add dev $ETH protocol 0x806 parent ffff: prio 11 \ >> flower \ >> action mirred egress redirect dev $VXLAN enc_src_ip >> 11.11.0.1 enc_dst_ip 11.11.0.2 enc_key_id 11 enc_dst_port 4789 >> >> # ENCAP rule for ICMP >> tc filter add dev $ETH protocol ip parent ffff: prio 10 \ >> flower ip_proto 1 \ >> action mirred egress redirect dev $VXLAN enc_src_ip >> 11.11.0.1 enc_dst_ip 11.11.0.2 enc_key_id 11 enc_dst_port 4789 >> > >I don't like this. This makes mirred action unnecessarily >complex, it should really just mirror or redirect packets as >it is, why it should be aware of tunnel information? > >I think you probably need to introduce a new tc action >for these tunnel information and pipe it to mirred.
that is the first thing that I thinked of when I saw the patch. I think you can introduce act_vxlan similar to act_vlan.
