lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAFBinCB74dYJOni8-vZ+hNH6Q6E4rmr5EHR_o5KQSGogJzBhFA@mail.gmail.com>
Date:   Fri, 8 Jul 2022 12:00:33 +0200
From:   Martin Blumenstingl <martin.blumenstingl@...glemail.com>
To:     Vladimir Oltean <vladimir.oltean@....com>
Cc:     "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "David S. Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>,
        Xiaoliang Yang <xiaoliang.yang_1@....com>,
        Claudiu Manoil <claudiu.manoil@....com>,
        Alexandre Belloni <alexandre.belloni@...tlin.com>,
        "UNGLinuxDriver@...rochip.com" <UNGLinuxDriver@...rochip.com>,
        Andrew Lunn <andrew@...n.ch>,
        Vivien Didelot <vivien.didelot@...il.com>,
        Florian Fainelli <f.fainelli@...il.com>,
        Petr Machata <petrm@...dia.com>,
        Ido Schimmel <idosch@...dia.com>,
        Woojung Huh <woojung.huh@...rochip.com>,
        Oleksij Rempel <linux@...pel-privat.de>,
        Arun Ramadoss <arun.ramadoss@...rochip.com>,
        Hauke Mehrtens <hauke@...ke-m.de>
Subject: Re: [RFC PATCH net-next 3/3] net: dsa: never skip VLAN configuration

Hi Vladimir,

On Fri, Jul 8, 2022 at 12:31 AM Vladimir Oltean <vladimir.oltean@....com> wrote:
[...]
> > So LAN1 can see the ARP request from the ping on LAN2.
> > But I am not seeing Linux trying to send a reply.
>
> It won't reply, you either need a network namespace or a VRF to do
> loopback IP networking. A VRF is a bit more complicated to do, here's a
> netns setup:
>
> ip netns add ns0
> ip link set lan2 netns ns0
> ip -n ns0 link set lan2 up
> ip -n ns0 addr add 192.168.2.2/24 dev lan2
> ip netns exec ns0 tcpdump -i lan2 -e -n
> ping 192.168.2.2
This does indeed work!
That made me look at another selftest and indeed: most of the
local_termination.sh tests are passing (albeit after having to make
some changes to the selftest scripts, I'll provide patches for these
soon)

None (zero) of the tests from bridge_vlan_unaware.sh and only a single
test from bridge_vlan_aware.sh ("Externally learned FDB entry - ageing
& roaming") are passing for me on GSWIP.
Also most of the ethtool.sh tests are failing (ping always reports
"Destination Host Unreachable").
I guess most (or at least more) of these are supposed to pass? Do you
want me to open another thread for this or is it fine to reply here?

[...]
> I'm not familiar with OpenWrt, sorry, I don't know what netifd does.
netifd is the network configuration daemon, it takes the network
configuration (from OpenWrts configuration files/format) and sets up
the corresponding interfaces and manages things like pppoe.

> Also, it's curious that this works, are you sure that the ARP responses
> and ICMP replies actually exit through the Ethernet port? ethtool -S
> should show if the physical counters increment.
Since it works with your example and I got the first selftests to pass
I'll skip further investigation here

> > > I wonder, would it be possible to set up a debian chroot?
> >
> > I'm thinking of packaging the selftests as OpenWrt package and also
> > providing all needed dependencies as OpenWrt packages.
> > I think (or I hope, not sure yet) the ping interval is just a matter
> > of a busybox config option.
>
> I think it depends on busybox version. At least the latest one
> https://github.com/mirror/busybox/blob/master/networking/ping.c#L970
> seems to support fractions of a second as intervals, I didn't see any
> restriction to sub-second values. In any case, the iputils version
> certainly does work.
Yes, there's a duration library inside busybox which by default only
takes integer values (it can be configured to use floats though).
I pushed my work in progress OpenWrt package to a branch, making use
of the iputils version: [0]
Compressed initramfs size is below 10M and uncompressed at 22M. My
device under test has 128M of RAM and that seems to be enough to run
mausezahn as well as any other tool that was run so far. So I am not
particularly concerned about storage size (anything with 32M flash or
more will do - 16M could be a bit tight in the end but will still work
I guess).


Best regards,
Martin


[0] https://github.com/xdarklight/openwrt-packages/commits/wip-kernel-selftests-net-forwarding-20220707

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ