Re: [PATCH] net: Require exact match for TCP socket lookups if dif is l3mdev

From: David Ahern Date: Sun, 16 Oct 2016 20:02:52 -0700 > Currently, socket lookups for l3mdev (vrf) use cases can match a socket > that is bound to a port but not a device (ie., a global socket). If the > sysctl tcp_l3mdev_accept is not set this leads to ack packets

[PATCH] net: Require exact match for TCP socket lookups if dif is l3mdev

Currently, socket lookups for l3mdev (vrf) use cases can match a socket that is bound to a port but not a device (ie., a global socket). If the sysctl tcp_l3mdev_accept is not set this leads to ack packets going out based on the main table even though the packet came in from an L3 domain. The end

Re: [PATCH] net: Require exact match for TCP socket lookups if dif is l3mdev

On 10/13/16 3:29 PM, Eric Dumazet wrote: > Since netif_index_is_l3_master() is not cheap, can you reorder the > test ? > > if (!net->ipv4.sysctl_tcp_l3mdev_accept) > return netif_index_is_l3_master(net, dif); sure. Since this use case is called under rcu_read_lock I can make a

Re: [PATCH] net: Require exact match for TCP socket lookups if dif is l3mdev

On Thu, 2016-10-13 at 13:14 -0700, David Ahern wrote: > Currently, socket lookups for l3mdev (vrf) use cases can match a socket > that is bound to a port but not a device (ie., a global socket). If the > sysctl tcp_l3mdev_accept is not set this leads to ack packets going out > based on the main

[PATCH] net: Require exact match for TCP socket lookups if dif is l3mdev

Currently, socket lookups for l3mdev (vrf) use cases can match a socket that is bound to a port but not a device (ie., a global socket). If the sysctl tcp_l3mdev_accept is not set this leads to ack packets going out based on the main table even though the packet came in from an L3 domain. The end