On Sun, Aug 14, 2016 at 7:06 AM, Amir Vadai <a...@vadai.me> wrote: > tc qdisc add dev $ETH ingress > > # ENCAP rule for ARP > tc filter add dev $ETH protocol 0x806 parent ffff: prio 11 \ > flower \ > action mirred egress redirect dev $VXLAN enc_src_ip 11.11.0.1 > enc_dst_ip 11.11.0.2 enc_key_id 11 enc_dst_port 4789 > > # ENCAP rule for ICMP > tc filter add dev $ETH protocol ip parent ffff: prio 10 \ > flower ip_proto 1 \ > action mirred egress redirect dev $VXLAN enc_src_ip 11.11.0.1 > enc_dst_ip 11.11.0.2 enc_key_id 11 enc_dst_port 4789 >
I don't like this. This makes mirred action unnecessarily complex, it should really just mirror or redirect packets as it is, why it should be aware of tunnel information? I think you probably need to introduce a new tc action for these tunnel information and pipe it to mirred.
