From: Vlad Yasevich <vyasevich@gmail.com>
To: Michal Kubecek <mkubecek@suse.cz>
Cc: Kevin Wallace <kevin@pentabarf.net>, netdev@vger.kernel.org
Subject: Re: [PATCH v2] macvlan: Support creating macvtaps from macvlans
Date: Wed, 04 Dec 2013 09:57:32 -0500 [thread overview]
Message-ID: <529F42DC.2060804@gmail.com> (raw)
In-Reply-To: <20131204142314.GB28692@unicorn.suse.cz>
On 12/04/2013 09:23 AM, Michal Kubecek wrote:
> On Wed, Dec 04, 2013 at 08:59:21AM -0500, Vlad Yasevich wrote:
>> On 12/03/2013 02:47 PM, Michal Kubecek wrote:
>>> On Tue, Dec 03, 2013 at 11:17:37AM -0500, Vlad Yasevich wrote:
>>>>
>>>> the other question is should this be done in a loop? What happens if
>>>> you have nested namespaces?
>>>
>>> Nested namespaces are not a problem, what would be a problem, would be
>>> having a macvlan (macvtap) device on top of another macvlan. But the
>>> purpose of this particular code is to prevent it and use the underlying
>>> "real" device instead. That's why unlike vlan_dev_real_dev(),
>>> macvlan_dev_real_dev() doesn't need to recurse.
>>
>> Wait, so you have a namespace that uses macvlan to access the net.
>> That macvlan is configured on top of another macvlan, so you need to
>> get to the lower level device. I understand that. What I am asking
>> is that what happens if you have a namespace within a namespace with
>> the same network access restrictions. The code as is, will think that
>> the first level macvlan is the real device. Is this setup practical...
>
> My understanding is this:
>
> We have eth0, a real ethernet device in init_net. We create a macvlan
> device mv1 on top of it and put it into a namespace, say ns1. Inside
> ns1, we can't see eth0 so that we cannot do
>
> ip link add mv2 link eth0 type macvlan mode bridge
>
> The purpose of this code is to allow
>
> ip link add mv2 link mv1 type macvlan mode bridge
>
> but to use eth0 as lowerdev of mv2 instead. If we then put mv2 into
> another namespace ns2, there is still no problem because its lowerdev is
> also eth0 (even if we cannot see it inside ns2) so that
>
> ip link add mv3 link mv2 type macvlan mode bridge
>
> in fact creates mv3 with lowerdev eth0 again.
I see now, this makes total sense...
>
> However, what I'm not sure about is whether there is something to
> prevent building e.g. a macvlan on top of a (802.1q) VLAN on top of
> a macvlan.
That looks like it will create a new macvlan port on top of the VLAN
interface and use the VLAN as the lower_dev. I think it'll still work.
-vlad
>
> Michal Kubecek
>
next prev parent reply other threads:[~2013-12-04 14:57 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-03 4:13 [PATCH] macvlan: Support creating macvtaps from macvlans Kevin Wallace
2013-12-03 8:24 ` Michal Kubecek
2013-12-03 9:58 ` Kevin Wallace
2013-12-03 10:55 ` [PATCH v2] " Kevin Wallace
2013-12-03 16:17 ` Vlad Yasevich
2013-12-03 17:46 ` Kevin Wallace
2013-12-03 19:47 ` Michal Kubecek
2013-12-04 13:59 ` Vlad Yasevich
2013-12-04 14:23 ` Michal Kubecek
2013-12-04 14:57 ` Vlad Yasevich [this message]
2013-12-06 0:59 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=529F42DC.2060804@gmail.com \
--to=vyasevich@gmail.com \
--cc=kevin@pentabarf.net \
--cc=mkubecek@suse.cz \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.