| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <f4845fc0808270824u2588159dle7caa2910e70a22c@mail.gmail.com> Date: Wed, 27 Aug 2008 17:24:53 +0200 From: "Julius Volz" <juliusv@...gle.com> To: "Simon Horman" <horms@...ge.net.au> Cc: "Sven Wegener" <sven.wegener@...aler.net>, "Graeme Fowler" <graeme@...emef.net>, netdev@...r.kernel.org, lvs-devel@...r.kernel.org, kaber@...sh.net, vbusam@...gle.com Subject: Re: [PATCH RFC 00/24] IPVS: Add first IPv6 support to IPVS On Wed, Aug 27, 2008 at 8:09 AM, Simon Horman <horms@...ge.net.au> wrote: > On Fri, Aug 22, 2008 at 02:14:11PM +0200, Julius Volz wrote: >> On Fri, Aug 22, 2008 at 1:23 PM, Sven Wegener <sven.wegener@...aler.net> wrote: >> >> He :) Imagine an old kernel on the backup receiving new messages and >> >> not understanding them. How could we at least handle that situation >> >> gracefully (without totally confusing the older kernel)? We'd need to >> >> do it in a way that old features are still communicated in the same >> >> way. E.g., v4-only connection syncs still use the same message format, >> >> but once you use v6 entries, an unused flag or the 'reserved' field in >> >> ip_vs_sync_conn is used. A v6 message would still confuse an older >> >> kernel then, but a user would already notice that ipvsadm can't >> >> configure the v6 services on the older kernel, so that's not too bad. >> > >> > If that's a problem, we can easily change the communication port and even >> > completely redesign the protocol this way, without having old kernels >> > getting confused about the data they get. We might lose the ability to >> > sync between different versions, but in the end this is just the >> > connection synchronziation and both systems should be running the same >> > version. We could also keep the old communication port for some time, if >> > that's really needed. >> >> Yes, starting from scratch on another port sounds like a good idea. >> Losing sync ability totally isn't as bad as confusing an older kernel >> with new messages, so I hope it's not necessary to keep the old >> baggage around? > > That does sound like a nice idea. I think that is important that we don't > confuse older kernels. I guess the only time that ineroperability would be > important is when upgrading kernels, where you might want to take the > master ldirector down to upgrade it, then the standby. Good, that makes two votes for not keeping the old protocol in parallel? ;) >> Is there enough motivation for doing this though before having a >> cleaned-up minimal v6 version without the sync daemon? This is where >> I'm currently a bit stuck with... any help is appreciated :) > > IPv6 without sync is fine by me. Its certainly much better than no IPv6. > Lets tackle sync a bit later. Ok, going for cleaning up and reworking more of the current IPv6 code then... -- Julius Volz Corporate Operations - SysOps Google Switzerland GmbH Identification No.: CH-020.4.028.116-1 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists