From: Florian Westphal <fw@strlen.de>
To: Fernando Fernandez Mancera <fmancera@suse.de>
Cc: netfilter-devel@vger.kernel.org, coreteam@netfilter.org,
Pablo Neira Ayuso <pablo@netfilter.org>
Subject: Re: [PATCH 2/7 nft] tunnel: add erspan support
Date: Wed, 28 May 2025 02:46:02 +0200 [thread overview]
Message-ID: <aDZcyv8zZJh-fpzB@strlen.de> (raw)
In-Reply-To: <ae88d3525c46a523e1b8a0b97450225804033014.1748374810.git.fmancera@suse.de>
Fernando Fernandez Mancera <fmancera@suse.de> wrote:
> From: Pablo Neira Ayuso <pablo@netfilter.org>
>
> This patch extends the tunnel metadata object to define erspan tunnel
> specific configurations:
>
> table netdev x {
> tunnel y {
> id 10
> ip saddr 192.168.2.10
> ip daddr 192.168.2.11
> sport 10
> dport 20
> ttl 10
> erspan {
> version 1
> index 2
> }
> }
> }
Would it make sense to make this
tunnel erspan y {
id 10
ip saddr 192.168.2.10
ip daddr 192.168.2.11
sport 10
dport 20
ttl 10
version 1
index 2
}
Or was the sub-section intentional to cleanly separate the common parts
from the tunnel specific knobs?
In that case, maybe 'tunnel y {
...
type erspan { ... '?
Or do you think its unecessarily verbose?
I think it might be good to make it clear that this is an either-or thing
and multiple 'type' declarations aren't permitted.
Or are there plans to support
table netdev x {
tunnel y {
id 10
ip saddr 192.168.2.10
ip daddr 192.168.2.11
sport 10
dport 20
ttl 10
erspan {
version 1
index 2
}
geneve {
...
?
next prev parent reply other threads:[~2025-05-28 0:46 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-27 19:54 [PATCH 0/7 nft] Add nftables tunnel expr, stmt and object support Fernando Fernandez Mancera
2025-05-27 19:54 ` [PATCH 1/7 nft] src: add tunnel template support Fernando Fernandez Mancera
2025-05-28 0:38 ` Florian Westphal
2025-05-27 19:54 ` [PATCH 2/7 nft] tunnel: add erspan support Fernando Fernandez Mancera
2025-05-28 0:46 ` Florian Westphal [this message]
2025-05-28 9:59 ` Fernando Fernandez Mancera
2025-05-28 10:39 ` Florian Westphal
2025-05-27 19:54 ` [PATCH 3/7 nft] src: add tunnel statement and expression support Fernando Fernandez Mancera
2025-05-27 19:54 ` [PATCH 4/7 nft] tunnel: add vxlan support Fernando Fernandez Mancera
2025-05-27 19:54 ` [PATCH 5/7 nft] tunnel: add geneve support Fernando Fernandez Mancera
2025-05-27 19:54 ` [PATCH 6/7 nft] tunnel: add tunnel object and statement json support Fernando Fernandez Mancera
2025-05-27 19:54 ` [PATCH 7/7 nft] tests: add tunnel shell and python tests Fernando Fernandez Mancera
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aDZcyv8zZJh-fpzB@strlen.de \
--to=fw@strlen.de \
--cc=coreteam@netfilter.org \
--cc=fmancera@suse.de \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.