From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au
Authentication-Results: passt.top;
	dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202510 header.b=oSwMQJWs;
	dkim-atps=neutral
Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76])
	by passt.top (Postfix) with ESMTPS id 84AC65A061A
	for <passt-dev@passt.top>; Fri, 24 Oct 2025 07:54:12 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=202510; t=1761285250;
	bh=C4L31/D9usvp0M8BsbvFq7hgnlbi+/bt2/v29QPonMI=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=oSwMQJWsK4sIdwzdKdoimmNBH+C4QEuGd7mZwv9+43NG9t4hdM/8KEmhSKd1DWz20
	 BsFF7BN75IymH7foA+5o38tYt1CfVsLZe23bKq27hsmJy+KuxSKjSXjad9TorIibIZ
	 9NVSRAlVvnJ9rLjyVq8a74W7jdAB1hevFBIrFt0XPk1dUPLRmxMsPOGeCt6hKmzLeR
	 xfS1yz8YZGKx+Dss18iK0BWMCnBnSdrVkMlMYSCPKl7QnFkuzMtNCe85Km7sRm/33E
	 yysfRK1/7PAAWFT3PCaCPpwqPAp4PYrJumBl9UMpXKk1uy4jeoJei9fMTEti3gKVsT
	 uk6mhNxo44Z9w==
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4ctBtB2q3Tz4wML; Fri, 24 Oct 2025 16:54:10 +1100 (AEDT)
Date: Fri, 24 Oct 2025 16:54:05 +1100
From: David Gibson <david@gibson.dropbear.id.au>
To: Jon Maloy <jmaloy@redhat.com>
Subject: Re: [PATCH v15 4/9] arp/ndp: send ARP announcement / unsolicited NA
 when neigbour entry added
Message-ID: <aPsUfadbOInVcd9t@zatzit>
References: <20251024012933.1933642-1-jmaloy@redhat.com>
 <20251024012933.1933642-5-jmaloy@redhat.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="Ouvp2jIwBVkexIV7"
Content-Disposition: inline
In-Reply-To: <20251024012933.1933642-5-jmaloy@redhat.com>
Message-ID-Hash: 7LVL3CP6G7C6TM3BDSIGMWOA7G4C4Z3R
X-Message-ID-Hash: 7LVL3CP6G7C6TM3BDSIGMWOA7G4C4Z3R
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: sbrivio@redhat.com, dgibson@redhat.com, passt-dev@passt.top
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/aPsUfadbOInVcd9t@zatzit/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/7LVL3CP6G7C6TM3BDSIGMWOA7G4C4Z3R/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>


--Ouvp2jIwBVkexIV7
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Oct 23, 2025 at 09:29:28PM -0400, Jon Maloy wrote:
> ARP announcements and unsolicited NAs should be handled with caution
> because of the risk of malignant users emitting them to disturb
> network communication.
>=20
> There is however one case we where we know it is legitimate
> and safe for us to send out such messages: The one time we switch
> from using ctx->own_tap_mac to a MAC address received via the
> recently added neigbour subscription function. Later changes to
> the MAC address of a host in an existing entry cannot be fully
> trusted, so we abstain from doing it in such cases.
>=20
> When sending this type of messages, we notice that the guest accepts
> the update, but shortly later asks for a confirmation in the form of
> a regular ARP/NS request. This is responded to with the new value,
> and we have exactly the effect we wanted.
>=20
> This commit adds this functionality.
>=20
> Signed-off-by: Jon Maloy <jmaloy@redhat.com>

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>

--=20
David Gibson (he or they)	| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you, not the other way
				| around.
http://www.ozlabs.org/~dgibson

--Ouvp2jIwBVkexIV7
Content-Type: application/pgp-signature; name=signature.asc

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmj7FHwACgkQzQJF27ox
2GfE5g//UBAzD+1UuxTLDiRhhuoQRB3ntp6gXY05/mSnfO1NQa8KbRHyRDikmg/o
l4KLeMWQ7Q/i6QEuyqu0/+39TAHqMkhQvvAHOOq4KZNm0anm6GcInTLBS7GNUMGQ
xMxLrMePoR6RGNGLRlOs4p6uYSYXNHF7UayADLW/1xrwVRspntZOJMvn93b/h7H9
UBpkF5oV/bnCADbLaHUx9SAdqUClaDRywvXfslAYvNCj25NasnbNsS9ibW8fCFDr
oKEhIJnmnK6w5ayExRHFmyxPBEK0MC3u5Gh7tXqMfo/dLhbkLMTynPx16WUjHZJt
i+Q+K32QGOrxSAUdIc/BpgTKPuhLzWZspV2FNBZfzmB9o8qqI9qHsqAF6WyIVLO9
K3ilq1sleyUCMvfur9btLU9sHxA94w/hkEEFhshL7YkEIdGEDsyaS32MqjtUofbw
8fq25AqpUqQEYX4USTK6lyoji9yb74RaGh/QvKtq+oWfqv9Bz8vLAvr3TEIfd1a5
kTsZZAdVu9VZMMjr7ccP0KB6261f8jsEnZ883e8DkPWP0MOXw/wuGCFSzq78yKhB
zSLXGg8qAjb6wJcdXxRm8lfKKNa3oZD2Z3Eu6cRBZHBnQxKJidRx2bOK6bbkOT3/
Os2noM6RNX2If1Bif7yPEy8Mb/6dU0RKPAZOJXvTOQDUqmOeiSs=
=msWy
-----END PGP SIGNATURE-----

--Ouvp2jIwBVkexIV7--