On 30/01/17 20:01, David Miller wrote:
From: David Ahern <d...@cumulusnetworks.com>
Date: Mon, 30 Jan 2017 11:52:01 -0700
On 1/26/17 11:02 AM, Robert Shearman wrote:
Packets arriving in a VRF currently are delivered to UDP sockets that
aren't bound to any interface. TCP defaults to not delivering packets
arriving in a VRF to unbound sockets. IP route lookup and socket
transmit both assume that unbound means using the default table and
UDP applications that haven't been changed to be aware of VRFs may not
function correctly in this case since they may not be able to handle
overlapping IP address ranges, or be able to send packets back to the
original sender if required.
So add a sysctl, udp_l3mdev_accept, to control this behaviour with it
being analgous to the existing tcp_l3mdev_accept, namely to allow a
process to have a VRF-global listen socket. Have this default to off
as this is the behaviour that users will expect, given that there is
no explicit mechanism to set unmodified VRF-unaware application into a
default VRF.
Signed-off-by: Robert Shearman <rshea...@brocade.com>
---
I've targetted this for the net tree because I believe the expected
behaviour is different enough from the current behaviour to be
considered a bug. However, this should also apply to the net-next tree
as-is if this not deemed a bug.
Does not apply to net-next; collision in sysctl_net_ipv4.c
As for the code change, I have updated my unit tests and they all pass with
this patch. Not sure why I marked my version as not working last November, but
it is all good now.
Acked-by: David Ahern <d...@cumulusnetworks.com>
Tested-by: David Ahern <d...@cumulusnetworks.com>
The conflict was easy enough to fix up, so I did it myself.
Applied to net-next, thanks.
Great, thanks.
