Netdev List
 help / color / mirror / Atom feed
From: Stephen Hemminger <stephen@networkplumber.org>
To: sowmini varadhan <sowmini05@gmail.com>
Cc: netdev@vger.kernel.org, sowmini.varadhan@hp.com
Subject: Re: a vxlan question.
Date: Sun, 12 Jan 2014 10:25:03 -0800	[thread overview]
Message-ID: <20140112102503.398a0047@nehalam.linuxnetplumber.net> (raw)
In-Reply-To: <CACP96tSOA70sAE_b-Ff6=gOySg0sHQQMRwpuNaA1n5HvgFAzSA@mail.gmail.com>

On Sun, 12 Jan 2014 12:25:51 -0500
sowmini varadhan <sowmini05@gmail.com> wrote:

> A question about the vxlan implementation in linux:
> 
> if the inner packet (the frame that is vxlan encapsulated) is an IP
> packet that has the DF bit set, i.e., it is a PMTU discovery packet, and
> the subsequent vxlan encapsulation results in a ICMP packet-too-big
> error,then does the VTEP relay that error back to the originator of
> the
> PMTU packet?
> 
> AFAICT, the current linux code in drivers/net/vxlan.c
> does not address any icmp errors (though it sets the DF of the outer
> header based on the inner header). From my reading of the code,
> we'd end up in __udp4_lib_err for the vxlan-encaps packet, but
> there's nothing in there that recognizes that the udp payload is
> itself an ethernet+IP frame and relays pmtu back to the (inner) ip src?
> Did I miss something?
> 
> --Sowmini
> --

The VXLAN like all layer 2 tunnels is not allowed to respond IP packets
in the inner header. One of the principles of network virtualization
is that the inner network IP space may overlap or be invalid in the
outer IP domain. Therefore an intermediate system (like VXLAN) does
not have a valid IP in the inner domain to send a response.

Another way to look at is that VXLAN is more of L2 bridge rather
than a L3 router.

  reply	other threads:[~2014-01-12 18:25 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-01-12 17:25 a vxlan question sowmini varadhan
2014-01-12 18:25 ` Stephen Hemminger [this message]
2014-01-12 18:38   ` sowmini varadhan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20140112102503.398a0047@nehalam.linuxnetplumber.net \
    --to=stephen@networkplumber.org \
    --cc=netdev@vger.kernel.org \
    --cc=sowmini.varadhan@hp.com \
    --cc=sowmini05@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox