lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20111005085807.2afc2f1c@nehalam.linuxnetplumber.net>
Date:	Wed, 5 Oct 2011 08:58:07 -0700
From:	Stephen Hemminger <shemminger@...tta.com>
To:	Sridhar Samudrala <sri@...ibm.com>
Cc:	netdev <netdev@...r.kernel.org>,
	John Fastabend <john.r.fastabend@...el.com>
Subject: Re: [RFC] iproute2: add br command

On Tue, 04 Oct 2011 22:08:15 -0700
Sridhar Samudrala <sri@...ibm.com> wrote:

> 
> On Tue, 2011-10-04 at 16:00 -0700, Stephen Hemminger wrote:
> > On Tue, 04 Oct 2011 15:54:07 -0700
> > Sridhar Samudrala<sri@...ibm.com  <mailto:sri@...ibm.com>>  wrote:
> >
> > >  On Tue, 2011-10-04 at 15:42 -0700, Stephen Hemminger wrote:
> > >  >  On Wed, 5 Oct 2011 00:32:31 +0200
> > >  >  Michał Mirosław<mirqus@...il.com  <mailto:mirqus@...il.com>>  wrote:
> > >  >
> > >  >  >  2011/10/5 Sridhar Samudrala<sri@...ibm.com  <mailto:sri@...ibm.com>>:
> > >  >  >  >  On Tue, 2011-10-04 at 14:07 -0700, Stephen Hemminger wrote:
> > >  >  >  >>  On Tue, 04 Oct 2011 09:58:55 -0700
> > >  >  >  >>  Andi Kleen<andi@...stfloor.org  <mailto:andi@...stfloor.org>>  wrote:
> > >  >  >  >>  >  Stephen Hemminger<shemminger@...tta.com  <mailto:shemminger@...tta.com>>  writes:
> > >  >  >  >>  >  >  This adds a new 'br' command which is the bridging equivalent of
> > >  >  >  >>  >  >  the ip command. More of a demo of how to use netlink and bridging
> > >  >  >  >>  >  >  at this point.
> > >  >  >  >>  >  Please name it "bridge", not "br"
> > >  >  >  >>  Ok, but it breaks the existing pattern.
> > >  >  >  >  Is this supposed to replace brctl utility?
> > >  >  >  >
> > >  >  >  >  Can we add/delete a bridge and add/delete interfaces to a bridge using
> > >  >  >  >  this command?
> > >  >  >  >
> > >  >  >  >  If so, why not make it
> > >  >  >  >    ip bridge add/del<brname>
> > >  >  >  >    ip bridge addif/delif<brname>  <ifname>
> > >  >  >
> > >  >  >  I'll add one more idea:
> > >  >  >
> > >  >  >  ip link add/del<brname>  type bridge
> > >  >  >  ip bridge add/del<brname>  <ifname>
> > >  >  >  ip bridge fdb ...
> > >  >
> > >  >  In 3.0 you can already do:
> > >  >  # ip link add dev br3 type bridge
> This is a new syntax that i think works only for 'bridge' type.


The bridge interface to 'ip link' is nothing special. The same syntax
is available for macvlan, vlan, and bonding.


> All other types require a prefix 'ip link add link'



For vlan:
  ip link add link eth0 name eth0.1 type vlan id 1

The reason there is no 'link' parameter when creating a bridge is that
the bridge is a standalone device it is not slaved to an underlying
device.

> 
> I think the ip command help text should be updated to include this syntax.


patches accepted...

> 
> > >  >  # ip link set dev eth3 master br3
> 
> looks like the command to delete an interface from a bridge is
>        ip link set dev eth3 nomaster
> 
> Somehow this interface doesn't look all that intuitive.

Propose something better. 


> Currently we have 'ip route' and 'ip neigh' to manipulate routing and
> neighbor entry tables. I think 'ip bridge' would be good way to extend
> this to support bridging.
> 
> If it is not too late, can we have a interface where all bridge related
> commands can be done using the same prefix.
> 
> I think we also should think about how this syntax can be extended to show
> embedded bridges in SR-IOV NICs.

The iproute2 commands in general try to be as close to the
underlying netlink protocol. This makes it less user friendly but smaller,
easier to program. The only part of bridging that is special is the
forwarding database which is similar to the neighbor table.
If I do merge bridging into ip, it would not be as 'ip bridge' but as
another protocol family.

   ip -family bridge neigh ...


As far as SR-IOV, the interface in the kernel is netlink and the hardware
people are free to use netlink to use the same messages for SR-IOV, but
haven't.



  
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ