| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 30 May 2014 21:27:52 -0700
From: Roopa Prabhu <roopa@...ulusnetworks.com>
To: Stephen Hemminger <stephen@...workplumber.org>
CC: Vlad Yasevich <vyasevich@...il.com>, davem@...emloft.net,
netdev@...r.kernel.org, jhs@...atatu.com, wkok@...ulusnetworks.com,
sfeldma@...ulusnetworks.com, shm@...ulusnetworks.com
Subject: Re: [PATCH iproute2] bridge: Add master device name to bridge fdb
show
On 5/30/14, 7:36 AM, Stephen Hemminger wrote:
> On Wed, 28 May 2014 18:53:36 -0700
> Roopa Prabhu <roopa@...ulusnetworks.com> wrote:
>
>> On 5/28/14, 1:00 PM, Vlad Yasevich wrote:
>>> On 05/28/2014 01:40 AM, roopa@...ulusnetworks.com wrote:
>>>> From: Roopa Prabhu <roopa@...ulusnetworks.com>
>>>>
>>>> (This patch depends on net-next patch titled
>>>> "Add bridge ifindex to bridge fdb notify msgs")
>>>>
>>>> This patch adds master dev name from NDA_MASTER netlink attribute
>>>> to bridge fdb show output
>>>>
>>>> current iproute2 tries to print 'master' in the output if NTF_MASTER
>>>> is present. But, kernel today does not set NTF_MASTER during dump
>>>> requests. Which means I have not seen iproute2 bridge cmd print 'master' atall.
>>>> This patch overrides the NTF_MASTER flag if NDA_MASTER attribute is present.
>>>>
>>>> Example output:
>>>>
>>>> before this patch:
>>>> # bridge fdb show
>>>> 44:38:39:00:27:ba dev bond2.2003 permanent
>>>> 44:38:39:00:27:bb dev bond4.2003 permanent
>>>> 44:38:39:00:27:bc dev bond2.2004 permanent
>>>>
>>>> After this patch:
>>>> # bridge fdb show
>>>> 44:38:39:00:27:ba dev bond2.2003 master br-2003 permanent
>>>> 44:38:39:00:27:bb dev bond4.2003 master br-2003 permanent
>>>> 44:38:39:00:27:bc dev bond2.2004 master br-2004 permanent
>>> 'master' is already a reserved word in the bridge command and
>>> has a slightly different connotation. May be replace it with
>>> 'bridge' or something similar.
>> I am not so convinced about the 'bridge' keyword. The way i see it is: I
>> am just adding more context to the existing 'master' keyword. In the
>> cases i am pointing out above 'master' is a bridge.
>> If the only argument is that it changes existing output, ...i agree. I
>> have expressed slight concerns about that before.
>>>> For comparision with the above, below is the output for NTF_SELF today,
>>>> # bridge fdb show
>>>> 33:33:00:00:00:01 dev eth0 self permanent
>>>> 01:00:5e:00:00:01 dev eth0 self permanent
>>>> 33:33:ff:00:01:cc dev eth0 self permanent
>>>>
>>>> If change in output is a concern, 'master' can be put at the end of the fdb
>>>> output line or made optional with -d[etails] option.
>>> As Stephen always mentions, iproute commands have to be invertable.
>>> In other words, what you get out of the show command you should
>>> be able to feed back into a set command.
>>>
>>> As such, it would probably be a good thing to support
>>> bridge fdb set 44:38:39:00:27:ba dev bond2.2003 bridge br-2003 permanent
>> We did discuss this on the other thread (RFC), and it does not seem
>> necessary.
>> two things:
>> - like i indicated above, introducing 'bridge' to mean 'master' seems
>> to add more confusion and
>> seems redundant. But, maybe that's just me.
>> - having user specify master when kernel can derive it
>> seems unnecessary (agree that for code symmetry we could add master
>> during sets but make it optional)
>>
>>> and I think this ends up being something very close to what
>>> Jamal already proposed.
>>>
>>> May be work together and come up with a single syntax.
>> Ack.
>> looking at jamals patch for fdb show filters, if i consider my approach
>> of using 'master' to represent a bridge,
>> his syntax would look like,
>>
>> bridge fdb {show} [dev DEV]
>> bridge fdb {show} [dev DEV] [master BRDEV]
> I prefer bridge keyword since master is not used in IEEE 802
> documents.
but set also uses 'master' ..and the bridge is referenced using 'master'
in almost all commands
#ip link set dev brport master brdev
so, using 'bridge' and 'master' interchangeably seems a bit confusing.
But, if the preference is 'bridge' i will resubmit this patch with
'bridge' shortly.
Thanks!.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists