[ovs-dev] [PATCH branch 2.5] tunneling: Disable IPv6 tunnel
pravin shelar
pshelar at ovn.org
Fri Feb 5 04:24:05 UTC 2016
On Thu, Feb 4, 2016 at 8:04 PM, Jesse Gross <jesse at kernel.org> wrote:
> On Thu, Feb 4, 2016 at 7:55 PM, Pravin B Shelar <pshelar at ovn.org> wrote:
>> There are multiple issues in IPv6 userspace tunnel
>> implementation. There is not enough time to get all
>> fixes in branch-2.5. So it make sense to disable the
>> support on 2.5.
>>
>> Signed-off-by: Pravin B Shelar <pshelar at ovn.org>
>
> This will also affect the kernel implementation - I think that's what
> we want because it's not documented or supported in the kernel module
> that will ship as part of 2.5. However, the commit message isn't quite
> accurate.
>
OK, I will update the commit msg.
>> diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
>> index 88f5022..2234de7 100644
>> --- a/lib/netdev-vport.c
>> +++ b/lib/netdev-vport.c
>> @@ -503,6 +503,10 @@ set_tunnel_config(struct netdev *dev_, const struct smap *args)
>> name, node->value);
>> return EINVAL;
>> }
>> + if (dst_proto == ETH_TYPE_IPV6) {
>> + VLOG_WARN("%s: IPv6 'remote_ip' is not supported", name);
>> + return EOPNOTSUPP;
>> + }
>
> I believe that this won't catch the case where the address is set to
> "flow". I think we probably also need to block attempts to set or
> match IPv6 addresses through OpenFlow.
The check in tnl_port_send() should handle it.
Btw I already looked into blocking it at ovs-ofctl level but I will
need to revert most of the code to disable the support. AFAICS There
is no mechanism to reject a action with valid data.
More information about the dev
mailing list