lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20100609212704.GY11110@cel.leo>
Date:	Wed, 9 Jun 2010 22:27:04 +0100
From:	Paul LeoNerd Evans <leonerd@...nerd.org.uk>
To:	netdev@...r.kernel.org
Subject: Packet capture and Bonding asymmetries

We use ethernet bonding to bond eth0 + eth1 into bond0, in an
active/standby failover pair. Given this is for redundancy, we put the
two physical ethernet links into different switches that follow
different paths in the data centre.

Given this topology, it can be really useful to know which physical
interface packets are received on. It seems the bonding driver doesn't
make this happen:

  # uname -r
  2.6.31.12

  # head -1 /proc/net/bonding/bond0 
  Ethernet Channel Bonding Driver: v3.5.0 (November 4, 2008)

  # pktdump -f icmp
  [15:27:12] RX(bond0): ICMP| 192.168.57.6->192.168.57.1 echo-request seq=1
  [15:27:12] TX(bond0): ICMP| 192.168.57.1->192.168.57.6 echo-reply seq=1
  [15:27:12] TX(eth0): ICMP| 192.168.57.1->192.168.57.6 echo-reply seq=1

I.e. when we transmit we see both the virtual bond0 interface and the
physical eth0 doing so; but when we receive only the virtual bond0
appears to do so.

I believe this should be fixable with a one-line patch; just adding a
call to netif_nit_deliver(skb) from within the bonding driver... though
just offhand I'm unable to find exactly the line where packets received
on slaves gets passed up to the master. :)

Can anyone advise on the sensibility or otherwise of this plan? I really
would like the behaviour where I can see how packets are received - is
this a good plan to acheive it?

I may sometime have a hack at writing a patch for this anyway, presuming
no major objections...

-- 
Paul "LeoNerd" Evans

leonerd@...nerd.org.uk
ICQ# 4135350       |  Registered Linux# 179460
http://www.leonerd.org.uk/

Download attachment "signature.asc" of type "application/pgp-signature" (191 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ