From: Nicolas Dichtel <nicolas.dichtel@6wind•com>
To: Stephen Hemminger <stephen@networkplumber•org>,
"Eric W. Biederman" <ebiederm@xmission•com>
Cc: netdev@vger•kernel.org
Subject: Re: Problem with iflink in netns
Date: Wed, 14 May 2014 10:23:13 +0200
Message-ID: <537327F1.4060603@6wind.com>
In-Reply-To: <20140513083945.062de6c3@nehalam.linuxnetplumber.net>
On 13/05/2014 17:39, Stephen Hemminger wrote:
> There have been a couple of bugzilla reports already about cases where a macvlan
> or vlan is moved into another namespace. In these cases the parent device ifindex (iflink)
> is no longer valid.
>
>
> Normally it is not a big issue, until another device is created using the ifindex
> of the parent.
>
> Does anyone have a suggested fix? Marking iflink as 0 won't work; then the devices no
> longer appear as slaves. Another possibility would be to block creation of a device
> where ifindex matches existing iflink of other devices; but this would slow down device
> creation.
The problem is that we need to add information about the netns where the ifindex
stands; we can currently use only a pid or a file descriptor, hence it's not
possible to broadcast this information. The advantage of the file descriptor is
that it's a local id, not a global one.

One idea I'm thinking of is that each netns manages its own set of UIDs for peer
netns; this means that these UIDs will be valid only in a specified netns.
We may add a netlink message to help the user associate a UID with a file
descriptor/pid (he gives the file descriptor/pid and the kernel returns the
UID).
These UIDs may be generated only when the user requests them or when the kernel
sends information about a peer netns.
These UIDs will be provided in existing netlink messages in a separate netlink
attribute.

If the idea is ok, I can help to work on this topic.

Regards,
Nicolas
>
>
> The bugs come in as ip command bugs, but obviously the issue is in the kernel.
>
> https://bugzilla.kernel.org/show_bug.cgi?id=66691
> https://bugzilla.kernel.org/show_bug.cgi?id=75911
Thread overview: 18+ messages
2014-05-13 15:39 Problem with iflink in netns Stephen Hemminger
2014-05-13 18:20 ` Cong Wang
2014-05-13 20:05 ` Stephen Hemminger
2014-05-13 20:44 ` Cong Wang
2014-05-14 0:51 ` Stephen Hemminger
2014-05-14 21:11 ` Cong Wang
2014-05-14 8:23 ` Nicolas Dichtel [this message]
2014-07-02 11:59 ` [RFC PATCH net-next 0/5] netns: allow to identify peer netns Nicolas Dichtel
2014-07-02 11:59 ` [RFC PATCH net-next 1/5] netns: allocate netns ids Nicolas Dichtel
2014-07-02 13:33 ` Sergei Shtylyov
2014-07-02 13:57 ` Nicolas Dichtel
2014-07-02 11:59 ` [RFC PATCH net-next 2/5] netns: add genl cmd to get the id of a netns Nicolas Dichtel
2014-07-02 11:59 ` [RFC PATCH net-next 3/5] rtnl: add link netns id to interface messages Nicolas Dichtel
2014-07-02 11:59 ` [RFC PATCH net-next 4/5] iptunnels: advertise link netns via netlink Nicolas Dichtel
2014-07-02 11:59 ` [RFC PATCH net-next 5/5] rtnl: allow to create device with IFLA_LINK_NETNSID set Nicolas Dichtel
2014-07-02 20:09 ` [RFC PATCH net-next 0/5] netns: allow to identify peer netns Eric W. Biederman
2014-07-02 21:47 ` Nicolas Dichtel
2014-07-15 14:32 ` Nicolas Dichtel