Actions
Bug #7753
closeddecoder/vxlan: packet drops with non-zero reserved fields
Affected Versions:
Effort:
Difficulty:
Label:
C, Needs Suricata-Verify test, Protocol
Description
The current VXLAN decoder implementation follows RFC draft-mahalingam-dutt-dcops-vxlan-00 too strictly and does not ignore the Reserved fields on receipt, as required by RFC 7348 §5 . This causes valid VXLAN packets with non-zero Reserved bits to be dropped, leading to loss of response-side traffic in some environments.
Files
Updated by Fupeng Zhao 5 months ago
- Status changed from New to Assigned
- Assignee changed from OISF Dev to Fupeng Zhao
Assigned to myself.
I plan to remove the strict validation of the Reserved fields entirely. Since we don’t decode the inner packet before parsing the VXLAN header, we can’t reliably determine the packet direction (transmit vs receive) and thus can’t selectively apply Reserved field checks.
Open to alternative suggestions if there's a preferred way to handle this.
Updated by Fupeng Zhao 5 months ago
- Status changed from Assigned to In Review
Updated by Philippe Antoine 5 months ago
- Target version changed from TBD to 9.0.0-beta1
Updated by Fupeng Zhao about 2 months ago
- Status changed from In Review to Closed
Updated by Victor Julien about 2 months ago
- Status changed from Closed to Resolved
Updated by OISF Ticketbot about 2 months ago
- Label deleted (
Needs backport to 8.0)
Updated by Philippe Antoine about 1 month ago
- Status changed from Resolved to Closed
Updated by Shivani Bhardwaj 16 days ago
- Subject changed from vxlan: decoder drops packets with non-zero reserved fields to decoder/vxlan: packet drops with non-zero reserved fields
Actions