* nft -- documentation on fib_addrtype missing, more data
@ 2019-10-10 21:45 Stephen Satchell
2019-10-11 8:29 ` Pablo Neira Ayuso
0 siblings, 1 reply; 5+ messages in thread
From: Stephen Satchell @ 2019-10-10 21:45 UTC (permalink / raw)
To: netfilter
Poking around looking for more information, I ran across this little tidbit:
From man 7 rtnetlink:
rtm_type Route type
-----------------------------------------------------------------
RTN_UNSPEC unknown route
RTN_UNICAST a gateway or direct route
RTN_LOCAL a local interface route
RTN_BROADCAST a local broadcast route (sent as a broadcast)
RTN_ANYCAST a local broadcast route (sent as a unicast)
RTN_MULTICAST a multicast route
RTN_BLACKHOLE a packet dropping route
RTN_UNREACHABLE an unreachable destination
RTN_PROHIBIT a packet rejection route
RTN_THROW continue routing lookup in another table
This clears up the confusion I had about "anycast" versus "broadcast".
Is there a shell tool that will show the route type(s) for a
specified address?
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: nft -- documentation on fib_addrtype missing, more data
2019-10-10 21:45 nft -- documentation on fib_addrtype missing, more data Stephen Satchell
@ 2019-10-11 8:29 ` Pablo Neira Ayuso
2019-10-11 9:47 ` Florian Westphal
0 siblings, 1 reply; 5+ messages in thread
From: Pablo Neira Ayuso @ 2019-10-11 8:29 UTC (permalink / raw)
To: Stephen Satchell; +Cc: netfilter
On Thu, Oct 10, 2019 at 02:45:59PM -0700, Stephen Satchell wrote:
> Poking around looking for more information, I ran across this little tidbit:
>
> From man 7 rtnetlink:
> rtm_type Route type
> -----------------------------------------------------------------
> RTN_UNSPEC unknown route
> RTN_UNICAST a gateway or direct route
> RTN_LOCAL a local interface route
> RTN_BROADCAST a local broadcast route (sent as a broadcast)
> RTN_ANYCAST a local broadcast route (sent as a unicast)
> RTN_MULTICAST a multicast route
> RTN_BLACKHOLE a packet dropping route
> RTN_UNREACHABLE an unreachable destination
> RTN_PROHIBIT a packet rejection route
> RTN_THROW continue routing lookup in another table
>
> This clears up the confusion I had about "anycast" versus "broadcast".
>
> Is there a shell tool that will show the route type(s) for a
> specified address?
# nft describe fib saddr type
fib expression, datatype fib_addrtype (fib address type) (basetype integer), 32 bits
pre-defined symbolic constants (in decimal):
unspec 0
unicast 1
local 2
broadcast 3
anycast 4
multicast 5
blackhole 6
unreachable 7
prohibit 8
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: nft -- documentation on fib_addrtype missing, more data
2019-10-11 8:29 ` Pablo Neira Ayuso
@ 2019-10-11 9:47 ` Florian Westphal
2019-10-11 10:04 ` Pablo Neira Ayuso
2019-10-11 15:09 ` Stephen Satchell
0 siblings, 2 replies; 5+ messages in thread
From: Florian Westphal @ 2019-10-11 9:47 UTC (permalink / raw)
To: Pablo Neira Ayuso; +Cc: Stephen Satchell, netfilter
Pablo Neira Ayuso <pablo@netfilter.org> wrote:
> # nft describe fib saddr type
> fib expression, datatype fib_addrtype (fib address type) (basetype integer), 32 bits
>
> pre-defined symbolic constants (in decimal):
[..]
It might make sense to teach nft describe to also work with the type,
so you could get the symbolic constants via
nft describe fib_addrtype
What do you think?
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: nft -- documentation on fib_addrtype missing, more data
2019-10-11 9:47 ` Florian Westphal
@ 2019-10-11 10:04 ` Pablo Neira Ayuso
2019-10-11 15:09 ` Stephen Satchell
1 sibling, 0 replies; 5+ messages in thread
From: Pablo Neira Ayuso @ 2019-10-11 10:04 UTC (permalink / raw)
To: Florian Westphal; +Cc: Stephen Satchell, netfilter
On Fri, Oct 11, 2019 at 11:47:21AM +0200, Florian Westphal wrote:
> Pablo Neira Ayuso <pablo@netfilter.org> wrote:
> > # nft describe fib saddr type
> > fib expression, datatype fib_addrtype (fib address type) (basetype integer), 32 bits
> >
> > pre-defined symbolic constants (in decimal):
> [..]
>
> It might make sense to teach nft describe to also work with the type,
> so you could get the symbolic constants via
>
> nft describe fib_addrtype
>
> What do you think?
That's doable, yes.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: nft -- documentation on fib_addrtype missing, more data
2019-10-11 9:47 ` Florian Westphal
2019-10-11 10:04 ` Pablo Neira Ayuso
@ 2019-10-11 15:09 ` Stephen Satchell
1 sibling, 0 replies; 5+ messages in thread
From: Stephen Satchell @ 2019-10-11 15:09 UTC (permalink / raw)
To: Florian Westphal, Pablo Neira Ayuso; +Cc: netfilter
TL;DR: The existing invocation "nft describe fib saddr type" (which I
didn't find documented) provides information describing fib_addrtype.
Consider adding these invocations, described below:
nft describe fib_addrtype
nft describe cmds
nft show type <ip-address> and/or
nft show fib_addrtype <ip-address> and/or
nft show route <ip-address>
On 10/11/19 2:47 AM, Florian Westphal wrote:
> Pablo Neira Ayuso <pablo@netfilter.org> wrote:
>> # nft describe fib saddr type
>> fib expression, datatype fib_addrtype (fib address type) (basetype integer), 32 bits
>>
>> pre-defined symbolic constants (in decimal):
> [..]
>
> It might make sense to teach nft describe to also work with the type,
> so you could get the symbolic constants via
>
> nft describe fib_addrtype
>
> What do you think?
That's a good thing to do. Instead of a verbose section, you can add to
"man 8 nft" before "Using fib expressions: this short paragraph:
> List valid fib_addrtype symbols using "nft describe fib_addrtype".
> Descriptions of their meaning can be found in the "RTM_NEWROUTE,
> RTM_DELROUTE, RTM_GETROUTE" section of man 7 rtnetlink
For the wiki, I suggest it would be better to pull the information
together. Book and HOWTO authors can do the same thing, to minimize the
amount of cross-referencing.
What I would like to see in the wiki is an example routing table, with a
table of IP addresses and the value of fib_addrtype that would be
associated with it.
To assist the tech writer, add a new command:
nft show type <ip-address> and/or
nft show fib_addrtype <ip-address> and/or
nft show route <ip-address>
where "ip-address" is an IPv4 or IPv6 host address (not netblock).
Documentation for this would be added to the ADDITIONAL COMMANDS section
of the command page. The command could show other information such as
the interface name and other routing information, that can be tested in
fib expressions, from the routing response. I haven't found any tool to
provide this capability in the various network utilities.
While you are at it, consider adding "nft describe cmds" and adding a
line to the "nft --help" to tell the user to use this new facility.
Most Linux utilities would add this to the output of --help; I would
suggest keeping the list of command keywords separate. (I thought about
"nft --help commands" as an alternative, but y'all might not like it.)
Isn't it great to have a complete noob like me coming on at this late date?
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2019-10-11 15:09 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-10-10 21:45 nft -- documentation on fib_addrtype missing, more data Stephen Satchell
2019-10-11 8:29 ` Pablo Neira Ayuso
2019-10-11 9:47 ` Florian Westphal
2019-10-11 10:04 ` Pablo Neira Ayuso
2019-10-11 15:09 ` Stephen Satchell
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.