lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <AM3PR05MB0759EB89C599428761FA226AACD20@AM3PR05MB0759.eurprd05.prod.outlook.com>
Date:   Wed, 19 Oct 2016 08:28:14 +0000
From:   Yotam Gigi <yotamg@...lanox.com>
To:     Roopa Prabhu <roopa@...ulusnetworks.com>
CC:     Jamal Hadi Salim <jhs@...atatu.com>, Jiri Pirko <jiri@...nulli.us>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "davem@...emloft.net" <davem@...emloft.net>,
        Ido Schimmel <idosch@...lanox.com>,
        Elad Raz <eladr@...lanox.com>,
        Nogah Frankel <nogahf@...lanox.com>,
        Or Gerlitz <ogerlitz@...lanox.com>,
        "geert+renesas@...der.be" <geert+renesas@...der.be>,
        "stephen@...workplumber.org" <stephen@...workplumber.org>,
        "xiyou.wangcong@...il.com" <xiyou.wangcong@...il.com>,
        "linux@...ck-us.net" <linux@...ck-us.net>,
        Shrijeet Mukherjee <shm@...ulusnetworks.com>,
        "Yotam Gigi" <yotam.gi@...il.com>
Subject: RE: [patch net-next RFC 4/6] Introduce sample tc action



>-----Original Message-----
>From: Roopa Prabhu [mailto:roopa@...ulusnetworks.com]
>Sent: Wednesday, October 19, 2016 10:33 AM
>To: Yotam Gigi <yotamg@...lanox.com>
>Cc: Jamal Hadi Salim <jhs@...atatu.com>; Jiri Pirko <jiri@...nulli.us>;
>netdev@...r.kernel.org; davem@...emloft.net; Ido Schimmel
><idosch@...lanox.com>; Elad Raz <eladr@...lanox.com>; Nogah Frankel
><nogahf@...lanox.com>; Or Gerlitz <ogerlitz@...lanox.com>;
>geert+renesas@...der.be; stephen@...workplumber.org;
>xiyou.wangcong@...il.com; linux@...ck-us.net; Shrijeet Mukherjee
><shm@...ulusnetworks.com>; Yotam Gigi <yotam.gi@...il.com>
>Subject: Re: [patch net-next RFC 4/6] Introduce sample tc action
>
>On 10/18/16, 3:58 AM, Yotam Gigi wrote:
>
>> On 16-10-15 12:34 PM, Roopa Prabhu wrote:
>[snip]
>
>>> The OVS implementation is a good example, the metadata includes all the
>>> actions applied
>>>>> to the packet in the kernel data path.
>>>>>
>>>> Again not sure what the use case would be (and why waste such space
>>>> especially when you are sending over the wire with such details).
>>> All this is being used currently.., But, this can be other api's sflow uses
>>> for monitoring.
>>> http://openvswitch.org/support/ovscon2014/17/1400-ovs-sflow.pdf
>>>
>>> Does not have to be part of the main/basic sampling api...
>>> it was just an example.
>>>
>> I guess that making the API extensible solves this, isn't it?
>
>yes, that might help...
>
>Just wanted to bring up the question/clarification on using mark again
>
>tc qdisc add dev eth1 handle ffff: ingress
>
>tc filter add dev eth1 parent ffff: \
>           matchall action sample rate 12 mark 17
>
>tc filter add parent ffff: dev eth1 protocol all \
>           u32 match mark 172 0xff
>           action mirred egress redirect dev dummy0
>
>Like we discussed @ netdev, mark can be used by other things in the system.
>A request to sample on an interface cannot be disruptive.
>Does this require mark to be not used elsewhere in the system when sampling is
>enabled on an interface ?

I think the we can spare the usage of mark, or at least make it optional, as the user
can match on the packets according to the eth_type (as part of the IFE, the user 
can set the sampled packet eth_type).

I will do that, and update the documentation as well.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ