| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 2 Jan 2017 18:05:48 +0100 From: Olivier Brunel <jjk@...cky.com> To: David Ahern <dsa@...ulusnetworks.com> Cc: netdev@...r.kernel.org Subject: Re: Bug w/ (policy) routing On Mon, 2 Jan 2017 09:48:12 -0700 David Ahern <dsa@...ulusnetworks.com> wrote: > On 1/1/17 12:52 PM, Olivier Brunel wrote: > > Indeed, if I first delete the rule for lookup local and recreate it > > w/ higher prio than my "lookup 50", then no more issue. > > After the unshare or when creating a new network namespace, bringing > the lo device up will create the local table and the rest of the > commands will work properly. ie., instead of moving the local rule > you can run: Indeed, and that's a much better solution for me, since I bring lo up anyways, I might as well do it first. Thank you. > unshare -n bash > > ip li set lo up > ip rule add table 50 prio 50 > ip link add test type veth peer name test2 > ... > > ----- > > Alex: > > The order of commands is influencing whether the unmerge succeeds or > not which is wrong. I took a quick look and I don't see a simple > solution to this. Effectively: > > Adding a rule before bringing up any interface does not unmerge the > tables: $ unshare -n bash > $ ip rule add table 50 prio 50 > $ ip li set lo up > > In fib_unmerge(), fib_new_table(net, RT_TABLE_LOCAL) returns null. > > > Where the reverse order works: > $ unshare -n bash > $ ip li set lo up > $ ip rule add table 50 prio 50 > > David
Powered by blists - more mailing lists