Thread (18 messages) 18 messages, 5 authors, 2014-07-15

Re: Problem with iflink in netns

From: Nicolas Dichtel <hidden>
Date: 2014-05-14 08:23:16

Le 13/05/2014 17:39, Stephen Hemminger a écrit :
There have been a couple of bugzilla reports already about cases where a macvlan
or vlan is moved into another namespace. In these cases the parent device ifindex (iflink)
is no longer valid.


Normally it is not a big issue, until another device is created using the ifindex
of the parent

Does anyone have a suggested fix? Marking iflink as 0 won't work then the devices no
longer appear as slaves. Another possibility would be to make block creation of device
where ifindex matches existing iflink of other devices; but this would slow down device
creation.
The problem is that we to add an information about the netns where the ifindex
stands, we can currently use only a pid or a file descriptor, hence it's not
possible to broadcast this information. The advantage of the file descriptor is
that it's a local id not a global one.

On idea I'm thinking is that each netns manages its own set of UID for peer
netns, this means that these UID will be valid only in a spcecified netns.
We may add a netlink message to help the user to associate an UID with a file
descriptor/pid (he gives the file descriptor/pid and the kernel returns the
UID).
These UID may be generated only the user requests them or when the kernel sends
an information about a peer netns.
These UID will be provided in existing netlink message in a separate netlink
attribute.

If the idea is ok, I can help to work on this topic.


Regards,
Nicolas

The bugs come in as ip command bugs, but obviously the issue is in the kernel.

https://bugzilla.kernel.org/show_bug.cgi?id=66691
https://bugzilla.kernel.org/show_bug.cgi?id=75911
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help