lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 17 Nov 2022 01:33:18 +0100
From:   Andrew Lunn <andrew@...n.ch>
To:     Steve Williams <steve.williams@...cruise.com>
Cc:     netdev@...r.kernel.org
Subject: Re: [PATCH net-next] sandlan: Add the sandlan virtual network
 interface

On Wed, Nov 16, 2022 at 02:24:29PM -0800, Steve Williams wrote:
> From: Stephen Williams <steve.williams@...cruise.com>
> 
> This is a virtual driver that is useful for testing network protocols
> or other complex networking without real ethernet hardware. Arbitrarily
> complex networks can be created and simulated by creating virtual network
> devices and assigning them to named broadcast domains, and all the usual
> ethernet-aware tools can operate on that network.
> 
> This is different from e.g. the tun/tap device driver in that it is not
> point-to-point.

My experience simulating networks using GNS3 and CORE is that you
combine tun/tap with a bridge. That reflects the reality of most of
todays networks, in that they no longer do CSMA-CD, they have point to
point links to a switch, the switch does address learning, filtering,
IGMP snooping, etc, and your total net bandwidth is much higher than
your line rate.

I did however recently learn that some T1 automotive network are
CSMA-CD, a good old fashioned shared bus.

So have you reimplemented basic bridge functionality? I've not looked
at the code yet to answer the question myself.

> +EXAMPLE
> +=======
> +
> +In this example, we create two NICs in a shared domain, and also create
> +a 3rd in the sae domain that wireshark can use to snoop on the network
> +traffic.
> +
> +First, make sure the interfaces exist::
> +
> +  echo +sandlan0 > /sys/class/net/sandlan_interfaces
> +  echo +sandlan1 > /sys/class/net/sandlan_interfaces
> +  echo +sandlan2 > /sys/class/net/sandlan_interfaces

A sysfs interface is unlikely to be accepted. You should be using
netlink.

ip link add sandlan0 type sandlan

etc.

> +While we're at it, demonstrate sandlan domains. Create a domain and
> +put all the interfaces in that domain. Note that this is a
> +connectivity domain, and not the same as netns namespaces::
> +
> +  echo +side > /sys/class/net/sandlan_domains
> +  echo side > /sys/class/net/sandlan0/sandlan/domain
> +  echo side > /sys/class/net/sandlan1/sandlan/domain
> +  echo side > /sys/class/net/sandlan2/sandlan/domain

ip link set sandlan0 domain side

   Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ