From: Ido Schimmel <idosch@nvidia.com>
To: Richard Gobert <richardbgobert@gmail.com>
Cc: netdev@vger.kernel.org, davem@davemloft.net, edumazet@google.com,
kuba@kernel.org, pabeni@redhat.com, horms@kernel.org,
donald.hunter@gmail.com, andrew+netdev@lunn.ch,
dsahern@kernel.org, shuah@kernel.org, daniel@iogearbox.net,
jacob.e.keller@intel.com, razor@blackwall.org, petrm@nvidia.com,
menglong8.dong@gmail.com, martin.lau@kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH net-next v5 2/5] net: vxlan: add netlink option to bind vxlan sockets to local addresses
Date: Wed, 13 Aug 2025 12:26:31 +0300 [thread overview]
Message-ID: <aJxaR0W9v--dr45i@shredder> (raw)
In-Reply-To: <20250812125155.3808-3-richardbgobert@gmail.com>
On Tue, Aug 12, 2025 at 02:51:52PM +0200, Richard Gobert wrote:
> Currently, VXLAN sockets always bind to 0.0.0.0, even when a local
> address is defined. This commit adds a netlink option to change
> this behavior.
>
> If two VXLAN endpoints are connected through two separate subnets,
> they are each able to receive traffic through both subnets, regardless
> of the local address. The new option will break this behavior.
>
> Disable the option by default.
>
> Signed-off-by: Richard Gobert <richardbgobert@gmail.com>
> ---
> drivers/net/vxlan/vxlan_core.c | 43 +++++++++++++++++++++++++++---
> include/net/vxlan.h | 1 +
> include/uapi/linux/if_link.h | 1 +
> tools/include/uapi/linux/if_link.h | 1 +
> 4 files changed, 43 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/net/vxlan/vxlan_core.c b/drivers/net/vxlan/vxlan_core.c
> index f32be2e301f2..15fe9d83c724 100644
> --- a/drivers/net/vxlan/vxlan_core.c
> +++ b/drivers/net/vxlan/vxlan_core.c
> @@ -3406,6 +3406,7 @@ static const struct nla_policy vxlan_policy[IFLA_VXLAN_MAX + 1] = {
> [IFLA_VXLAN_LABEL_POLICY] = NLA_POLICY_MAX(NLA_U32, VXLAN_LABEL_MAX),
> [IFLA_VXLAN_RESERVED_BITS] = NLA_POLICY_EXACT_LEN(sizeof(struct vxlanhdr)),
> [IFLA_VXLAN_MC_ROUTE] = NLA_POLICY_MAX(NLA_U8, 1),
> + [IFLA_VXLAN_LOCALBIND] = NLA_POLICY_MAX(NLA_U8, 1),
You should only expose the option to user space when it's fully
supported by the kernel, which is not the case here.
> };
[...]
> diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h
> index 784ace3a519c..7350129b1444 100644
> --- a/include/uapi/linux/if_link.h
> +++ b/include/uapi/linux/if_link.h
> @@ -1399,6 +1399,7 @@ enum {
> IFLA_VXLAN_LABEL_POLICY, /* IPv6 flow label policy; ifla_vxlan_label_policy */
> IFLA_VXLAN_RESERVED_BITS,
> IFLA_VXLAN_MC_ROUTE,
> + IFLA_VXLAN_LOCALBIND,
> __IFLA_VXLAN_MAX
> };
> #define IFLA_VXLAN_MAX (__IFLA_VXLAN_MAX - 1)
> diff --git a/tools/include/uapi/linux/if_link.h b/tools/include/uapi/linux/if_link.h
> index 7e46ca4cd31b..eee934cc2cf4 100644
> --- a/tools/include/uapi/linux/if_link.h
> +++ b/tools/include/uapi/linux/if_link.h
> @@ -1396,6 +1396,7 @@ enum {
> IFLA_VXLAN_VNIFILTER, /* only applicable with COLLECT_METADATA mode */
> IFLA_VXLAN_LOCALBYPASS,
> IFLA_VXLAN_LABEL_POLICY, /* IPv6 flow label policy; ifla_vxlan_label_policy */
> + IFLA_VXLAN_LOCALBIND,
As you can see, the file was not updated in a while and will result in
different values for IFLA_VXLAN_LOCALBIND. I would just drop this hunk
unless you need it for some reason, in which case you can sync the file
in a separate commit.
> __IFLA_VXLAN_MAX
> };
> #define IFLA_VXLAN_MAX (__IFLA_VXLAN_MAX - 1)
> --
> 2.36.1
>
next prev parent reply other threads:[~2025-08-13 9:26 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-12 12:51 [PATCH net-next v5 0/5] net: add local address bind support to vxlan and geneve Richard Gobert
2025-08-12 12:51 ` [PATCH net-next v5 1/5] net: udp: add freebind option to udp_sock_create Richard Gobert
2025-08-13 9:25 ` Ido Schimmel
2025-08-13 15:10 ` Richard Gobert
2025-08-12 12:51 ` [PATCH net-next v5 2/5] net: vxlan: add netlink option to bind vxlan sockets to local addresses Richard Gobert
2025-08-13 6:28 ` Kuniyuki Iwashima
2025-08-13 15:46 ` Richard Gobert
2025-08-13 16:04 ` Ido Schimmel
2025-08-13 17:55 ` Kuniyuki Iwashima
2025-08-13 9:26 ` Ido Schimmel [this message]
2025-08-12 12:51 ` [PATCH net-next v5 3/5] net: vxlan: bind vxlan sockets to their local address if configured Richard Gobert
2025-08-13 7:07 ` Kuniyuki Iwashima
2025-08-13 15:41 ` Richard Gobert
2025-08-13 9:26 ` Ido Schimmel
2025-08-13 15:18 ` Richard Gobert
2025-08-12 12:51 ` [PATCH net-next v5 4/5] net: geneve: enable binding geneve sockets to local addresses Richard Gobert
2025-08-12 12:51 ` [PATCH net-next v5 5/5] selftests/net: add vxlan localbind selftest Richard Gobert
2025-08-13 11:44 ` Ido Schimmel
2025-08-13 15:49 ` Richard Gobert
2025-08-13 14:34 ` Jakub Kicinski
2025-08-13 15:52 ` Richard Gobert
2025-08-13 9:25 ` [PATCH net-next v5 0/5] net: add local address bind support to vxlan and geneve Ido Schimmel
2025-08-13 15:29 ` Richard Gobert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aJxaR0W9v--dr45i@shredder \
--to=idosch@nvidia.com \
--cc=andrew+netdev@lunn.ch \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=donald.hunter@gmail.com \
--cc=dsahern@kernel.org \
--cc=edumazet@google.com \
--cc=horms@kernel.org \
--cc=jacob.e.keller@intel.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=martin.lau@kernel.org \
--cc=menglong8.dong@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=petrm@nvidia.com \
--cc=razor@blackwall.org \
--cc=richardbgobert@gmail.com \
--cc=shuah@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.