| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 05 Feb 2015 18:32:22 -0700 From: David Ahern <dsahern@...il.com> To: nicolas.dichtel@...nd.com, netdev@...r.kernel.org CC: ebiederm@...ssion.com Subject: Re: [RFC PATCH 00/29] net: VRF support On 2/5/15 6:44 AM, Nicolas Dichtel wrote: > Le 05/02/2015 02:34, David Ahern a écrit : > [snip] >> This is accomplished by enhancing the current namespace checks to a >> broader network context that is both a namepsace and a VRF id. The VRF >> id is a tag applied to relevant structures, an integer between 1 and 4095 >> which allows for 4095 VRFs (could have 0 be the default VRF and then the >> range is 0-4095 = 4096s VRFs). (The limitation is arguably artificial. It >> is based on the genid scheme for versioning networking data which is a >> 32-bit integer. The VRF id is the lower 12 bits of the genid's.) > Would it be possible to avoid this artificial limit? > There could be scenarii with more than 4096 vrf. As I recall the genid was the only reason to put a limit on it. I know of one product with a higher limit (16k I believe), but I figured this was a reasonable start point for the discussion. > > Do you plan to have a way to dump or monitor VRF via netlink? What do you mean? There is no creation / deletion event. Are you referring to monitoring device changes -- device moved from one network context (namespace, vrf) to another? The VRF id can be added as an attribute to all relevant netlink notifications. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists