From: Thomas Graf <tg...@suug.ch> Date: Tue, 13 Jan 2015 17:20:41 +0100
> Implements supports for the Group Policy VXLAN extension [0] to provide > a lightweight and simple security label mechanism across network peers > based on VXLAN. The security context and associated metadata is mapped > to/from skb->mark. This allows further mapping to a SELinux context > using SECMARK, to implement ACLs directly with nftables, iptables, OVS, > tc, etc. > > The extension is disabled by default and should be run on a distinct > port in mixed Linux VXLAN VTEP environments. Liberal VXLAN VTEPs > which ignore unknown reserved bits will be able to receive VXLAN-GBP > frames. Thomas, unfortunately Tom's vxlan RCO patches were ready before your's in my queue so I applied his work first. You'll have to therefore respin this series on top of it. Thanks. _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
