Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bpf: Remove flowlabel optimization for identity #23795

Merged
merged 1 commit into from Feb 16, 2023
Merged

bpf: Remove flowlabel optimization for identity #23795

merged 1 commit into from Feb 16, 2023

Conversation

pchaigno
Copy link
Member

For IPv6 traffic, we use the flowlabel field to transfer the source security identity across nodes and avoid an ipcache lookup. This misuse of the flowlabel field can however conflict with legitimate uses such as https://lpc.events/event/11/contributions/955/. This commit therefore removes this optimization.

@pchaigno pchaigno added sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. release-note/misc This PR makes changes that have no direct user impact. labels Feb 15, 2023
@pchaigno
bpf: Remove flowlabel optimization for identity
b3ddf69 
For IPv6 traffic, we use the flowlabel field to transfer the source
security identity across nodes and avoid an ipcache lookup. This misuse
of the flowlabel field can however conflict with legitimate uses such as
[1]. This commit therefore removes this optimization.

1 - https://lpc.events/event/11/contributions/955/
Suggested-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Paul Chaignon <paul@cilium.io>
@pchaigno pchaigno marked this pull request as ready for review February 16, 2023 13:51
@pchaigno pchaigno requested a review from a team as a code owner February 16, 2023 13:51
@pchaigno pchaigno merged commit 32a921a into cilium:master Feb 16, 2023
@pchaigno pchaigno deleted the remove-ipv6-flowlabel-optim branch February 16, 2023 14:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@borkmann borkmann borkmann approved these changes

@NikAleksandrov NikAleksandrov Awaiting requested review from NikAleksandrov NikAleksandrov was automatically assigned from cilium/sig-datapath

Assignees
No one assigned
Labels
release-note/misc This PR makes changes that have no direct user impact. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@pchaigno @borkmann