On Fri, Jan 5, 2024 at 6:09 AM Jakub Kicinski [off-list ref] wrote:

On Fri, 5 Jan 2024 06:20:10 -0500 Jamal Hadi Salim wrote:

quoted

quoted

I tested and it looks like the patch doesn't affect em_ipt, as expected.

Thank you!

quoted

quoted

I did however run into a related issue while testing - seems that
using the old "ingress" qdisc - that em_ipt iproute2 code still uses -
isn't working, i.e:

$ tc qdisc add dev ipsec1 ingress
Error: Egress block dev insert failed.

This seems to originate from recent commit 913b47d3424e
("net/sched: Introduce tc block netdev tracking infra").

When I disabled that code in my build I was able to use em_ipt
as expected.

Resolved in: https://lore.kernel.org/netdev/20240104125844.1522062-1-jiri@resnulli.us/ (local)
Eyal, if you have cycles please give it a try. Jakub, can we get that applied?

FTR it was applied by Dave soon after you asked.

Verified. With current net-next the problem doesn't happen anymore.

Thanks!
Eyal.