Re: [PATCH ipsec-next v5 3/8] xfrm: allow migration from UDP encapsulated to... | netdev

[PATCH ipsec-next v5 0/8] xfrm: XFRM_MSG_MIGRATE_STATE new netlink message · Antony Antony <hidden> · 2026-01-27
[PATCH ipsec-next v5 1/8] xfrm: add missing __rcu annotation to nlsk · Antony Antony <hidden> · 2026-01-27
Re: [PATCH ipsec-next v5 1/8] xfrm: add missing __rcu annotation to nlsk · Sabrina Dubroca <sd@queasysnail.net> · 2026-02-26
Re: [devel-ipsec] Re: [PATCH ipsec-next v5 1/8] xfrm: add missing __rcu annotation to nlsk · Antony Antony <hidden> · 2026-03-05
[PATCH ipsec-next v5 2/8] xfrm: remove redundant assignments · Antony Antony <hidden> · 2026-01-27
[PATCH ipsec-next v5 3/8] xfrm: allow migration from UDP encapsulated to non-encapsulated ESP · Antony Antony <hidden> · 2026-01-27
Re: [PATCH ipsec-next v5 3/8] xfrm: allow migration from UDP encapsulated to non-encapsulated ESP · Sabrina Dubroca <sd@queasysnail.net> · 2026-01-30
Re: [PATCH ipsec-next v5 3/8] xfrm: allow migration from UDP encapsulated to non-encapsulated ESP · Antony Antony <hidden> · 2026-02-02
[PATCH ipsec-next v5 4/8] xfrm: rename reqid in xfrm_migrate · Antony Antony <hidden> · 2026-01-27
[PATCH ipsec-next v5 5/8] xfrm: split xfrm_state_migrate into create and install functions · Antony Antony <hidden> · 2026-01-27
[PATCH ipsec-next v5 7/8] xfrm: add error messages to state migration · Antony Antony <hidden> · 2026-01-27
Re: [PATCH ipsec-next v5 7/8] xfrm: add error messages to state migration · Sabrina Dubroca <sd@queasysnail.net> · 2026-01-30
Re: [devel-ipsec] Re: [PATCH ipsec-next v5 7/8] xfrm: add error messages to state migration · Antony Antony <hidden> · 2026-02-26
Re: [devel-ipsec] Re: [PATCH ipsec-next v5 7/8] xfrm: add error messages to state migration · Sabrina Dubroca <sd@queasysnail.net> · 2026-02-26
Re: [devel-ipsec] Re: [PATCH ipsec-next v5 7/8] xfrm: add error messages to state migration · Antony Antony <hidden> · 2026-03-02
[PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Antony Antony <hidden> · 2026-01-27
Re: [PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Sabrina Dubroca <sd@queasysnail.net> · 2026-02-03
Re: [PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Antony Antony <hidden> · 2026-02-26
Re: [PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Sabrina Dubroca <sd@queasysnail.net> · 2026-02-26
Re: [devel-ipsec] Re: [PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Antony Antony <hidden> · 2026-03-02
Re: [PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Yan Yan <hidden> · 2026-02-27
Re: [devel-ipsec] Re: [PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Sabrina Dubroca <sd@queasysnail.net> · 2026-02-27
Re: [devel-ipsec] Re: [PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Yan Yan <hidden> · 2026-02-27
Re: [devel-ipsec] Re: [PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Antony Antony <hidden> · 2026-03-08
Re: [devel-ipsec] Re: [PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Sabrina Dubroca <sd@queasysnail.net> · 2026-03-10
Re: [devel-ipsec] Re: [PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Antony Antony <hidden> · 2026-03-10
Re: [devel-ipsec] Re: [PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Yan Yan <hidden> · 2026-03-14
Re: [devel-ipsec] Re: [PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Antony Antony <hidden> · 2026-04-07
Re: [devel-ipsec] Re: [PATCH ipsec-next v5 8/8] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Antony Antony <hidden> · 2026-03-05
[PATCH ipsec-next v5 6/8] xfrm: add state synchronization after migration · Antony Antony <hidden> · 2026-01-27

Re: [PATCH ipsec-next v5 3/8] xfrm: allow migration from UDP encapsulated to non-encapsulated ESP

From: Sabrina Dubroca <sd@queasysnail.net>
Date: 2026-01-30 11:28:24
Also in: lkml

2026-01-27, 11:42:40 +0100, Antony Antony wrote:

The current code prevents migrating an SA from UDP encapsulation to
plain ESP. This is needed when moving from a NATed path to a non-NATed
one, for example when switching from IPv4+NAT to IPv6.

Only copy the existing encapsulation during migration if the encap
attribute is explicitly provided.

Are we sure nobody out there relies on this behavior (silently copying
the existing UDP encap without having to explicitly request it in the
MIGRATE request)? If there are, this patch would break their setup by
clearing the encap that they expect to still be present.

-- 
Sabrina

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help