lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <87bnjnctw8.fsf@x220.int.ebiederm.org>
Date:	Fri, 20 Mar 2015 15:10:15 -0500
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Jeremias Blendin <jeremias@...ndin.org>
Cc:	containers@...ts.linux-foundation.org, <netdev@...r.kernel.org>
Subject: Re: Get statistics from all network interfaces on a system, including those inside network namespaces

Jeremias Blendin <jeremias@...ndin.org> writes:

> Hi,
>
> I hope this is the right list to post this question.

This list and netdev are the right lists.  It is one of those
overlapping topics.

Right now I find applications dealing with multiple network namespaces
interesting as the APIs are a little rough and it is time to knock off
some of the rough edges.

> Currently, we are using a patched version of bwm-ng to poll statistics
> of network interfaces. Some of these interfaces are located inside
> network namespaces, unfortunately we have found no way to poll all
> interfaces from all netspaces at once, without making our client
> application process traverse through all the available network
> namespaces (one result is this patch for bwm-ng:
> https://github.com/jgjl/bwm-ng/tree/lxns).
> Is there a more efficient way (for example by using netlink directly)
> to get a complete list of the statistics of all network interfaces
> existing in the kernel e.g. tagged by their netns?

Not at this point.  Although we have ids that are now possible of that
tagging.  At this point you need to have a separate socket for each
network namespace.

All network devices in all network namespaces is not going to ever
happen as that makes nested containers and migration impossible.  All
network devices in an interesting subset of network namespaces is a very
reasonable request.

> Any pointers are appreciated :)

I would look at iproute2.  Looking at the description of your code you
don't even pick up on the names that have been assigned to network
namespaces.  So I don't think you are up to speed on everything that is
going on there.

Eric
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ