• David Stevens's avatar
    VXLAN: Allow L2 redirection with L3 switching · ae884082
    David Stevens authored
    Allow L2 redirection when VXLAN L3 switching is enabled
    
    This patch restricts L3 switching to destination MAC addresses that are
    marked as routers in order to allow virtual IP appliances that do L2
    redirection to function with VXLAN L3 switching enabled.
    
    We use L3 switching on VXLAN networks to avoid extra hops when the nominal
    router for cross-subnet traffic for a VM is remote and the ultimate
    destination may be local, or closer to the local node. Currently, the
    destination IP address takes precedence over the MAC address in all cases.
    Some network appliances receive packets for a virtualized IP address and
    redirect by changing the destination MAC address (only) to be the final
    destination for packet processing. VXLAN tunnel endpoints with L3 switching
    enabled may then overwrite this destination MAC address based on the packet IP
    address, resulting in potential loops and, at least, breaking L2 redirections
    that travel through tunnel endpoints.
    
    This patch limits L3 switching to the intended case where the original
    destination MAC address is a next-hop router and relies on the destination
    MAC address for all other cases, thus allowing L2 redirection and L3 switching
    to coexist peacefully.
    Signed-Off-By: default avatarDavid L Stevens <dlstevens@us.ibm.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    ae884082
vxlan.c 40.7 KB