lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 18 Mar 2022 17:53:20 +0800
From:   孙守鑫 <sunshouxin@...natelecom.cn>
To:     Jay Vosburgh <jay.vosburgh@...onical.com>,
        David Ahern <dsahern@...nel.org>
Cc:     vfalico@...il.com, andy@...yhouse.net, davem@...emloft.net,
        kuba@...nel.org, yoshfuji@...ux-ipv6.org, oliver@...kum.org,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        huyd12@...natelecom.cn
Subject: Re: [PATCH v4] net:bonding:Add support for IPV6 RLB to balance-alb
 mode


在 2022/3/18 4:10, Jay Vosburgh 写道:
> David Ahern <dsahern@...nel.org> wrote:
>
>> On 3/17/22 12:15 AM, Sun Shouxin wrote:
>>> This patch is implementing IPV6 RLB for balance-alb mode.
>>>
>>> Suggested-by: Hu Yadi <huyd12@...natelecom.cn>
>>> Signed-off-by: Sun Shouxin <sunshouxin@...natelecom.cn>
>>> ---
>>> changelog:
>>> v1-->v2:
>>> -Remove ndisc_bond_send_na and refactor ndisc_send_na.
>>> -In rlb_nd_xmit, if the lladdr is not local, return curr_active_slave.
>>> -Don't send neighbor advertisement message when receiving
>>>   neighbor advertisement message in rlb6_update_entry_from_na.
>>>
>>> v2-->v3:
>>> -Don't export ndisc_send_na.
>>> -Use ipv6_stub->ndisc_send_na to replace ndisc_send_na
>>>   in rlb6_update_client.
>>>
>>> v3-->v4:
>>> -Submit all code at a whole patch.
>> you misunderstood Jakub's comment. The code should evolve with small,
>> focused patches and each patch needs to compile and function correctly
>> (ie., no breakage).
> 	Agreed; the split of the patches was not at issue, it was that
> each patch in a series must compile and the built kernel must function
> rationally.
>
>> You need to respond to Jiri's question about why this feature is needed.
> 	I'm not entirely sold on adding IPv6 RLB for balance-alb, but
> the IPv4 version of it does see moderate levels of use, even now.  It's
> less common than LACP by far, though.  I'd like to know why someone
> would choose IPv6 RLB over LACP.  I wonder if this is a checklist item
> somewhere that something must have "complete support for IPv6" or words
> to that effect, versus an actual functional need.


This patch is certainly aim fix one real issue in ou lab.
For historical inheritance, the bond6 with ipv4 is widely used in our lab.
We started to support ipv6 for all service last year, networking 
operation and maintenance team
think it does work with ipv6 ALB capacity take it for granted due to 
bond6's specification
but it doesn't work in the end. as you know, it is impossible to change 
link neworking to LACP
because of huge cost and effective to online server.
I believe this is the case another man meet as ipv6 promotion.


>> After that:
>>
>> 1. patch 1 adds void *data to ndisc_send_na stub function and
>> ndisc_send_na direct function. Update all places that use both
>> ndisc_send_na to pass NULL as the data parameter.
>>
>> 2. patch 2 refactors ndisc_send_na to handle the new data argument
>>
>> 3. patch 3 exports any IPv6 functions. explain why each needs to be
>> exported.
>>
>> 4. patch 4 .... bonding changes. (bonding folks can respond on how to
>> introduce that change).
> 	Looking at the previous patch for bonding, my two initial
> requests are:
>
> 	1) A more detailed commit message.  The only way to understand
> how any of this actually works is reading the code, there is no higher
> level description.
>
> 	2) How does this interact with the IPv4 RLB logic?  Is it
> possible for a given bond interface MAC to be "assigned" to two
> different peers (one IPv4, one IPv6), and if so, does that behave in an
> expected manner?  I.e., two peers on the network could receive
> contradictory information via ARP and ND for the MAC address of a given
> peer.  This is already possible with the IPv4 RLB, but with an
> additional IPv6 RLB, a single peer could see two different MACs for a
> given host (one via IPv4, one via IPv6), and another peer could see the
> opposite, or even disjoint information across several peers.
>
> 	-J


Sorry for not fully understood your question

If I understand correctly ,I don't think IPV6 ALB can interact with the 
Ipv4 RLB logic.
Since they use different neighbor table when sending packets , what's more,
in the process of ALB, the rx6_hashtbl is used by IPV6 and rx_hashtbl 
for IPV4.

please rectify me if miss your point.


>
> ---
> 	-Jay Vosburgh, jay.vosburgh@...onical.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ