On Wed, Mar 15, 2017 at 06:14:02PM +0200, Or Gerlitz wrote: > On Thu, Feb 23, 2017 at 7:54 PM, David Miller <da...@davemloft.net> wrote: > > From: Andreas Schultz <aschu...@tpip.net> > > Date: Thu, 23 Feb 2017 18:19:16 +0100 (CET) > > > >> When we are talking about the xmit path, then currently none of the > >> receivers we are talking to is going to be Linux and we have no > >> idea how they will behave nor do we have any influence on them. Do > >> we really need to make assumptions about other vendors implementations? > >> > >> Traces on live GRX networks show that about 90% of the SGSN/S-GW > >> that would talk to us always use the default GTP-U port as source > >> port. Some multi chassis GSN's seem to assign source port ranges to > >> chassis, but that has nothing todo with DDOS protection. > > > > This is exactly what other UDP tunnel implementations did before > > flow separation was prevelant. > > > > I don't see the point of any of this discussion discouraging the > > enablement of proper flow separation. > > Hi Dave, > > So where do we go from here? should I resubmit the patch?
IIRC this patch didn't get into the merge window in time, so it's reasonable to resubmit I think. You may want to add this to the patch: Acked-by: Pablo Neira Ayuso <pa...@netfilter.org> Thanks Or.
