From: Patrick McHardy <kaber@trash.net>
To: Jan Engelhardt <jengelh@medozas.de>
Cc: "David S. Miller" <davem@davemloft.net>,
Holger Eitzenberger <heitzenberger@astaro.com>,
Pablo Neira Ayuso <pablo@netfilter.org>,
netdev@vger.kernel.org
Subject: Re: Netlink limitations
Date: Tue, 09 Nov 2010 13:24:26 +0100 [thread overview]
Message-ID: <4CD93D7A.2010305@trash.net> (raw)
In-Reply-To: <alpine.LNX.2.01.1011091303250.21752@obet.zrqbmnf.qr>
Am 09.11.2010 13:10, schrieb Jan Engelhardt:
>
> On Sunday 2010-11-07 18:17, Patrick McHardy wrote:
>> On 07.11.2010 17:44, Jan Engelhardt wrote:
>>> we mentioned it only briefly at the Netfilter workshop a few weeks ago,
>>> but as I am trying to figure out how to use Netlink in Xtables,
>>> Netlink's limitations really start ruining my day.
>>>
>>> The well-known issue is that NL messages[sic] the kernel is supposed to
>>> receive have a max size of 64K, due to nlmsghdr's use of uint16_t. This
>>> is very problematic because attributes can easily amass more than 64K.
>>> Think of a chain full of rules, represented by a top-level attribute
>>> that nests attributes. The problem is bidirectional, a table
>>> dump has the same problem.
>>
>> Messages are not limited to 64k, individual attributes are. Holger
>> started working on a nlattr32, which uses 32 bit for the length
>> value.
>
> Does he have a format specification available?
As I said, the basic idea is to use a length value of zero to indicate
that the length should be read from a second length member. Basically:
struct nlattr32 {
__u16 nla_len;
__u16 nla_type;
__u32 nla_len2;
};
prev parent reply other threads:[~2010-11-09 12:24 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-07 16:44 Netlink limitations Jan Engelhardt
2010-11-07 17:17 ` Patrick McHardy
2010-11-08 15:16 ` Thomas Graf
2010-11-08 19:21 ` Jan Engelhardt
2010-11-08 23:36 ` Pablo Neira Ayuso
2010-11-09 9:27 ` Patrick McHardy
2010-11-09 14:49 ` Thomas Graf
2010-11-09 20:20 ` Jan Engelhardt
2010-11-09 21:40 ` Thomas Graf
2010-11-09 22:02 ` Jan Engelhardt
2010-11-09 23:35 ` Thomas Graf
2010-11-09 23:42 ` Jan Engelhardt
2010-11-09 23:54 ` Thomas Graf
2010-11-09 11:58 ` Jan Engelhardt
2010-11-09 12:10 ` Jan Engelhardt
2010-11-09 12:24 ` Patrick McHardy [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4CD93D7A.2010305@trash.net \
--to=kaber@trash.net \
--cc=davem@davemloft.net \
--cc=heitzenberger@astaro.com \
--cc=jengelh@medozas.de \
--cc=netdev@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.