Re: [PATCH 3/3] fwd: Rework inconsistencies in translation of inbound flows

On Mon, Aug 12, 2024 at 11:51:17PM +0200, Stefano Brivio wrote:
...
  I applied up to 2/3, I just have one doubt here, and a
nit:
 
 On Mon, 12 Aug 2024 19:53:55 +1000
 David Gibson <david(a)gibson.dropbear.id.au> wrote:
 
  We usually avoid NAT, but in a few cases we need
to apply address
 translations.  The current logic for this on inbound flows has some
 inconsistencies:
 
  * For IPv4 (but not IPv6) we translated unspecified source addresses 
 
 ...I know we already talked about this, but 0.0.0.0/8 is not just
 unspecified, it also means "this host on this network" (RFC 6890,
 2.2.2), and that's the reason for this apparent inconsistency (::
 doesn't). By the way, somebody was reminded of this just recently: 
Good point.  I've changed that behaviour for the next spin.  And added
comments about this for the next sucker who notices the apparent
inconsistency :).

-- 
David Gibson (he or they)	| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you, not the other way
				| around.
http://www.ozlabs.org/~dgibson