lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 21 May 2014 17:54:34 +0200
From:	Veaceslav Falico <vfalico@...hat.com>
To:	Linus Gasser <list@...kas-al-nour.org>
Cc:	netdev@...r.kernel.org
Subject: Re: Bonding with tun-devices

On Wed, May 21, 2014 at 02:59:22PM +0100, Linus Gasser wrote:
>Dear list,
>
>I'm trying to create a bonded interface using tun-devices created by the
>
>ssh -NTCf -w 0:0
>
>command. The reason is that I'm behind a satellite connection with 
>per-stream limited bandwidth...
>
>On some older kernels everything was fine, and I could do:
>
># ssh -NTCf -w 0:0 web
># ssh -NTCf -w 1:1 web
># modprobe bonding mode=0 miimon=100
># ifconfig bond0 172.16.0.1 netmask 255.255.255.0
># ifconfig bond0 hw ether 12:34:56:78:9a
># ifenslave bond0 tun0 tun1

It should fail here, as tun (from the first approach*) doesn't have
ndo_set_mac_address, and bonding relies on that, *unless* fail_over_mac is
set to 1.

Could you try setting fail_over_mac = 1 on modprobe or via sysfs and
retesting?

* I've tried to quickly recreate your setup but hit a panic (already
submitted a fix).

Also, enabling debug for bonding (via dynamic_debug or anything else) and
attaching the output would help a lot.

Thank you!

>
>on one side and
>
># modprobe bonding mode=0 miimon=100
># ifconfig bond0 172.16.0.2 netmask 255.255.255.0
># ifconfig bond0 hw ether 12:35
># ifenslave -f bond0 tun0 tun1
># ping 172.16.0.1
>
>on the other side. On a newer kernel (>3.14) this doesn't work (at 
>least not on linux-armv7), while on 3.13 it does work under 
>linux-armv7. Now I've been told to use the iproute2-suite, as 
>ifenslave is deprecated. But if I try to do
>
># ssh -NTCf -w 0:0 web
># ssh -NTCf -w 1:1 web
># ip link add name bond1 type bond
># ip link set dev tun0 master bond1
>
>it gives me an error
>
>RTNETLINK answers: Operation not supported
>
>Any idea what I'm doing wrong?
>
>Linus
>--
>To unsubscribe from this list: send the line "unsubscribe netdev" in
>the body of a message to majordomo@...r.kernel.org
>More majordomo info at  http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists