Re: Problem with iflink in netns
From: Nicolas Dichtel <hidden>
Date: 2014-05-14 08:23:16
Le 13/05/2014 17:39, Stephen Hemminger a écrit :
There have been a couple of bugzilla reports already about cases where a macvlan or vlan is moved into another namespace. In these cases the parent device ifindex (iflink) is no longer valid. Normally it is not a big issue, until another device is created using the ifindex of the parent Does anyone have a suggested fix? Marking iflink as 0 won't work then the devices no longer appear as slaves. Another possibility would be to make block creation of device where ifindex matches existing iflink of other devices; but this would slow down device creation.
The problem is that we to add an information about the netns where the ifindex stands, we can currently use only a pid or a file descriptor, hence it's not possible to broadcast this information. The advantage of the file descriptor is that it's a local id not a global one. On idea I'm thinking is that each netns manages its own set of UID for peer netns, this means that these UID will be valid only in a spcecified netns. We may add a netlink message to help the user to associate an UID with a file descriptor/pid (he gives the file descriptor/pid and the kernel returns the UID). These UID may be generated only the user requests them or when the kernel sends an information about a peer netns. These UID will be provided in existing netlink message in a separate netlink attribute. If the idea is ok, I can help to work on this topic. Regards, Nicolas
The bugs come in as ip command bugs, but obviously the issue is in the kernel. https://bugzilla.kernel.org/show_bug.cgi?id=66691 https://bugzilla.kernel.org/show_bug.cgi?id=75911