From: Steffen Klassert <steffen.klassert@secunet.com>
To: Fan Du <fan.du@windriver.com>
Cc: David Miller <davem@davemloft.net>,
saurabh.mohan@vyatta.com, herbert@gondor.hengli.com.au,
netdev@vger.kernel.org
Subject: Re: [PATCH net-next] {ipv4,xfrm}: Introduce xfrm_tunnel_notifier for xfrm tunnel mode callback
Date: Tue, 27 Aug 2013 11:28:56 +0200 [thread overview]
Message-ID: <20130827092856.GC7660@secunet.com> (raw)
In-Reply-To: <521C0104.2070906@windriver.com>
On Tue, Aug 27, 2013 at 09:29:40AM +0800, Fan Du wrote:
> On 2013年08月27日 04:21, David Miller wrote:
> >
> >I don't understand why VTI doesn't need to propagate a PMTU update via
> >ipv4_update_pmtu(). Why is it different from a real xfrm_tunnel?
> ^^^^^^^^^^^^^^^^
>
> A IPsec protected packet is first handled by protocol handlers, e.g AH/ESP,
> to check packet authentication or encryption rightness. PMTU update is taken
> care of in this stage by protocol error handler.
>
> Then the packet is rearranged properly depending on whether it's transport
> mode or tunnel mode packed by mode "input" handler. The VTI handler code
> takes effects in this stage in tunnel mode only. So it neither need propagate
> PMTU, as it has already been done if necessary, nor the VTI handler is
> qualified as a xfrm_tunnel.
>
I think you are right here, please update your commit message with
the above informations. I'd take this into ipsec-next and update
the the ipv6 vti patch according to your changes if David does not
mind.
next prev parent reply other threads:[~2013-08-27 9:28 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-08-23 6:47 [PATCH net-next] {ipv4,xfrm}: Introduce xfrm_tunnel_notifier for xfrm tunnel mode callback Fan Du
2013-08-26 11:35 ` Steffen Klassert
2013-08-27 1:40 ` Fan Du
2013-08-26 20:21 ` David Miller
2013-08-27 1:29 ` Fan Du
2013-08-27 9:28 ` Steffen Klassert [this message]
2013-08-27 16:23 ` David Miller
2013-08-27 1:52 ` Saurabh Mohan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130827092856.GC7660@secunet.com \
--to=steffen.klassert@secunet.com \
--cc=davem@davemloft.net \
--cc=fan.du@windriver.com \
--cc=herbert@gondor.hengli.com.au \
--cc=netdev@vger.kernel.org \
--cc=saurabh.mohan@vyatta.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.