lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 21 May 2014 21:36:34 +0100
From:	Linus Gasser <list@...kas-al-nour.org>
To:	Veaceslav Falico <vfalico@...hat.com>
CC:	netdev@...r.kernel.org
Subject: Re: Bonding with tun-devices

Le 21/05/14 16:54, Veaceslav Falico a écrit :
> On Wed, May 21, 2014 at 02:59:22PM +0100, Linus Gasser wrote:
>> Dear list,
>>
>> I'm trying to create a bonded interface using tun-devices created by the
>>
>> ssh -NTCf -w 0:0
>>
>> command. The reason is that I'm behind a satellite connection with
>> per-stream limited bandwidth...
>>
>> On some older kernels everything was fine, and I could do:
>>
>> # ssh -NTCf -w 0:0 web
>> # ssh -NTCf -w 1:1 web
>> # modprobe bonding mode=0 miimon=100
>> # ifconfig bond0 172.16.0.1 netmask 255.255.255.0
>> # ifconfig bond0 hw ether 12:34:56:78:9a
>> # ifenslave bond0 tun0 tun1
>
> It should fail here, as tun (from the first approach*) doesn't have
> ndo_set_mac_address, and bonding relies on that, *unless* fail_over_mac is
> set to 1.
>
> Could you try setting fail_over_mac = 1 on modprobe or via sysfs and
> retesting?
>
> * I've tried to quickly recreate your setup but hit a panic (already
> submitted a fix).
>
> Also, enabling debug for bonding (via dynamic_debug or anything else) and
> attaching the output would help a lot.

Hi,

OK, I tried to add "fail_over_mac=1" to the modprobe-call, but both with 
"ifenslave" and "ip add" I get the same error. In the logs I found (with 
fail_over_mac):

kernel: bonding: Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
kernel: bonding: MII link monitoring set to 100 ms
kernel: bonding: Warning: fail_over_mac only affects active-backup mode.
bonding: bond0: Warning: The first slave device specified does not 
support setting the MAC address.
bonding: bond0: Warning: The first slave device specified does not 
support setting the MAC address.

As far as I see, my kernel doesn't have dynamic_debug enabled. I'm in 
the midst of downloading it - hold on for a day or two ;) If you can 
tell me how I can debug otherwise, I'll be glad to do so.

Linus

>
> Thank you!
>
>>
>> on one side and
>>
>> # modprobe bonding mode=0 miimon=100
>> # ifconfig bond0 172.16.0.2 netmask 255.255.255.0
>> # ifconfig bond0 hw ether 12:35
>> # ifenslave -f bond0 tun0 tun1
>> # ping 172.16.0.1
>>
>> on the other side. On a newer kernel (>3.14) this doesn't work (at
>> least not on linux-armv7), while on 3.13 it does work under
>> linux-armv7. Now I've been told to use the iproute2-suite, as
>> ifenslave is deprecated. But if I try to do
>>
>> # ssh -NTCf -w 0:0 web
>> # ssh -NTCf -w 1:1 web
>> # ip link add name bond1 type bond
>> # ip link set dev tun0 master bond1
>>
>> it gives me an error
>>
>> RTNETLINK answers: Operation not supported
>>
>> Any idea what I'm doing wrong?
>>
>> Linus
>> --
>> To unsubscribe from this list: send the line "unsubscribe netdev" in
>> the body of a message to majordomo@...r.kernel.org
>> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ