[ovs-dev] [PATCH v3 1/6] datapath: add transport ports in route lookup to enable IPsec policy match.

Ben Pfaff blp at ovn.org
Mon Jul 30 16:49:17 UTC 2018


On Fri, Jul 27, 2018 at 01:44:29PM -0700, Qiuyu Xiao wrote:
> This patch adds transport ports information for route lookup so that IPsec
> can select tunnel traffic (geneve, stt, vxlan) to do encryption.
> 
> The patch was tested for geneve, stt, and vxlan tunnel and the results
> show that IPsec policy can be set to only match the corresponding tunnel
> traffic.
> 
> Signed-off-by: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>

I think that this patch should probably be broken up into three:

1. Geneve changes.  These changes need to go to upstream Linux before
   we commit them to the OVS repo.

2. VXLAN changes.  As I understand it, similar changes are already
   upstream, so we can put them into OVS right away.

3. STT changes.  STT is not in upstream Linux, so we can put these into
   OVS right away too.

I think that Greg has already positively reviewed this.  Did he give you
an Acked-by tag?  If he did, then you should add it to the commit
message.


More information about the dev mailing list