On Mon, May 13, 2024 at 08:07:43PM +0200, Stefano Brivio wrote:
> On Fri,  3 May 2024 11:11:23 +1000
> David Gibson <david@gibson.dropbear.id.au> wrote:
> 
> > Currently we always deliver inbound TCP packets to the guest's most
> > recent observed IP address.  This has the odd side effect that if the
> > guest changes its IP address with active TCP connections we might
> > deliver packets from old connections to the new address.  That won't
> > work; it will will probably result in an RST from the guest.  Worse,
> 
> s/will will/will/

Fixed.

> ...if I recall correctly, that was actually working, as long as we
> don't swap link-local with global unicast addresses (hence those
> conditions sprinkled all over the place).

Um.. I don't see how that's possible.  Linux - and I imagine any peer
- will index TCP connections by both endpoint addresses, so if we
deliver packets from one connection to a different address, the peer
won't recognize them as belonging to the old connection.

> But it doesn't matter in any case, this is surely the way forward.
> 

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson