On Sun, Dec 18, 2022 at 06:17 AM +01, Christian Ehrig wrote: > This patch allows to remove TUNNEL_KEY from the tunnel flags bitmap > when using bpf_skb_set_tunnel_key by providing a BPF_F_NO_TUNNEL_KEY > flag. On egress, the resulting tunnel header will not contain a tunnel > key if the protocol and implementation supports it. > > At the moment bpf_tunnel_key wants a user to specify a numeric tunnel > key. This will wrap the inner packet into a tunnel header with the key > bit and value set accordingly. This is problematic when using a tunnel > protocol that supports optional tunnel keys and a receiving tunnel > device that is not expecting packets with the key bit set. The receiver > won't decapsulate and drop the packet. > > RFC 2890 and RFC 2784 GRE tunnels are examples where this flag is > useful. It allows for generating packets, that can be decapsulated by > a GRE tunnel device not operating in collect metadata mode or not > expecting the key bit set. > > Signed-off-by: Christian Ehrig <cehrig@xxxxxxxxxxxxxx> > --- Reviewed-by: Jakub Sitnicki <jakub@xxxxxxxxxxxxxx>
