On 09/23/15 at 04:09pm, Eric W. Biederman wrote: [...]
> *Blink* You were targeting net.git with a feature enhancement???? > I will just ignore that. The point of this series is to not expose the src and dst port Netlink bits to user space in a released kernel because the ABI is not set in stone yet. Hence targeting net. If patch 1 is regarded unacceptable we should at least pull in patch 2 to not expose these bits until this has been worked out to leave the option proposed here on the table. > What I was observing is that in general the only tunneled packets that > need an ingress metadata dst for a tunneled medium ethernet like medium > are arp and ndisc packets. In other cases if you aren't doing something > exceptional like openvswitch the normal routing should be sufficient. > > Which means a ndo_reply_dst method could remove the need in many cases > for an ingress metadata dst to need to be allocated. The tunnel RX metadata collected is used to associate packets matching a particular tunnel id with the appropriate virtual networks by forwarding them to a separate netns, separate VRF device or a separate bridge. More sophisticated hypervisors may run multiple tunnel endpoints on the same host using different host addresses and differentiate packets based on the underlay destination IP as well. > Regardless a netdevice operation that digs into the packet and figures > out what is necessary for a reply seems like the clean way to make this > work for both arp and neighbour discovery. I'm not disagreeing entirely although I disagree that you can do the NDO without looking at the original metadata dst. Even a full fib lookup based on the requested IP in the ARP header is somewhat error prone. I fully agree though that once we support additional types besides IP tunneling then such an NDO might in fact make sense. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
