From: Nicolas Dichtel <nicolas.dichtel@6wind.com>
To: Alexander Holler <holler@ahsoftware.de>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
netdev@vger.kernel.org, tgraf@suug.ch, davem@davemloft.net
Subject: Re: [PATCH net-next v2 0/7] netns: ease netlink use with a lot of netns
Date: Mon, 25 May 2015 15:09:54 +0200 [thread overview]
Message-ID: <55631F22.90903@6wind.com> (raw)
In-Reply-To: <5562FFB0.40708@ahsoftware.de>
Le 25/05/2015 12:55, Alexander Holler a écrit :
> Am 25.05.2015 um 09:45 schrieb Nicolas Dichtel:
>> Le 22/05/2015 22:50, Alexander Holler a écrit :
>
>>> First I think if NETLINK_LISTEN_ALL_NSID is enabled, a dump
>>> of the interfaces through RTM_GETLINK together with NLM_F_DUMP and
>>> NLM_F_REQUEST should return all interfaces of all reachable namespaces.
>> This option is only for 'listening', ie spontaneous notifications from the
>> kernel. It does nothing for request.
>
> The problem is that you need informations about the affected interfaces. E.g. if
> you receive an NEWADDR or NEWROUTE for some interface (indicated by the index of
> the interface) in a(nother) namespace, how do you get informations about that
> interface, if not by a dump which includes the interfaces of these namespaces
> too? Without knowledge about the interface, these messages are not very usable. ;)
Yes, this is the right things.
Usually, a daemon opens a socket to listen netlink event. Then, it opens
another netlink socket to dump the configuration (interfaces, addresses,
routes, etc.) and fill its internal structures. Starting from that point, for
most of configuration parameters, it doesn't need anymore to do dumps and thus
it can close the second socket. This allows your daemon to have only one socket
to monitor a set a netns.
Look at iproute for example, it starts by dumping all interfaces before
executing the specified command.
>
>> Not sure to follow you. veth0 sits in the current netns (let's say
>> init_net)
>> and veth1 in netns1.
>> So, when you dump veth0 in init_net, its link-netnsid is set to the id of
>> netns1 in init_net. And when you dump veth1 in netns1, it's link-netnsid
>> is set
>> to the id of init_net in netns1.
>
> I've misunderstood the meaning of IFLA_LINK_NETNSID. I thought it indicates the
> namespace an interface lives in, but it indicates the namespace it is linked too.
Yes.
>
> I've also thought that the NETNSID is a global unique identifier of a namespace,
> which seems to be wrong too. While I still not have read through all the
> sources, the other comments are suggesting that the NSID is just an ID which is
> unique only in one namespace, or in other words, every namespace has its own set
> of nsids. I'm not sure if I'm now right with that assumption, but that's what I
> now think after the responses to my mail. ;)
Right, nsid are local to a netns. This allows to migrate a container. With a
global id, that won't be possible. ifindex are local for the exact same purpose.
>
> So to conclude, I've now scheduled support for namespaces to a far later point.
> It doesn't seem to be as easy as I've thought after having read the introductory
> mail of your patch series. ;)
The main goal of the series was to improve scalability ;-)
Regards,
Nicolas
next prev parent reply other threads:[~2015-05-25 13:09 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-06 9:58 [PATCH net-next 0/6] netns: ease netlink use with a lot of netns Nicolas Dichtel
2015-05-06 9:58 ` [PATCH net-next 1/6] netns: returns always an id in __peernet2id() Nicolas Dichtel
2015-05-06 11:19 ` Thomas Graf
2015-05-06 9:58 ` [PATCH net-next 2/6] netns: always provide the id to rtnl_net_fill() Nicolas Dichtel
2015-05-06 11:25 ` Thomas Graf
2015-05-06 9:58 ` [PATCH net-next 3/6] netns: rename peernet2id() to peernet2id_alloc() Nicolas Dichtel
2015-05-06 11:27 ` Thomas Graf
2015-05-06 9:58 ` [PATCH net-next 4/6] netns: notify new nsid outside __peernet2id() Nicolas Dichtel
2015-05-06 11:48 ` Thomas Graf
2015-05-06 13:39 ` Nicolas Dichtel
2015-05-06 9:58 ` [PATCH net-next 5/6] netns: use a spin_lock to protect nsid management Nicolas Dichtel
2015-05-06 12:23 ` Thomas Graf
2015-05-06 13:40 ` Nicolas Dichtel
2015-05-06 14:05 ` Thomas Graf
2015-05-06 9:58 ` [PATCH net-next 6/6] netlink: allow to listen "all" netns Nicolas Dichtel
2015-05-06 12:10 ` Thomas Graf
2015-05-06 13:42 ` Nicolas Dichtel
2015-05-07 9:02 ` [PATCH net-next v2 0/7] netns: ease netlink use with a lot of netns Nicolas Dichtel
2015-05-07 9:02 ` [PATCH net-next v2 1/7] netns: returns always an id in __peernet2id() Nicolas Dichtel
2015-05-07 9:02 ` [PATCH net-next v2 2/7] netns: always provide the id to rtnl_net_fill() Nicolas Dichtel
2015-05-07 9:02 ` [PATCH net-next v2 3/7] netns: rename peernet2id() to peernet2id_alloc() Nicolas Dichtel
2015-05-07 9:02 ` [PATCH net-next v2 4/7] netns: notify new nsid outside __peernet2id() Nicolas Dichtel
2015-05-07 11:47 ` Thomas Graf
2015-05-07 9:02 ` [PATCH net-next v2 5/7] netns: use a spin_lock to protect nsid management Nicolas Dichtel
2015-05-07 9:02 ` [PATCH net-next v2 6/7] netlink: rename private flags and states Nicolas Dichtel
2015-05-07 11:49 ` Thomas Graf
2015-05-07 9:02 ` [PATCH net-next v2 7/7] netlink: allow to listen "all" netns Nicolas Dichtel
2015-05-07 11:55 ` Thomas Graf
2015-05-08 12:02 ` [PATCH net-next v2 0/7] netns: ease netlink use with a lot of netns Eric W. Biederman
2015-05-09 21:07 ` Nicolas Dichtel
2015-05-22 20:50 ` Alexander Holler
2015-05-22 21:04 ` Cong Wang
2015-05-22 21:12 ` Alexander Holler
2015-05-22 21:29 ` Cong Wang
2015-05-22 21:46 ` Alexander Holler
2015-05-22 21:19 ` Eric W. Biederman
2015-05-22 21:30 ` Alexander Holler
2015-05-25 7:45 ` Nicolas Dichtel
2015-05-25 10:55 ` Alexander Holler
2015-05-25 13:09 ` Nicolas Dichtel [this message]
2015-05-26 10:53 ` Alexander Holler
2015-05-26 12:10 ` Nicolas Dichtel
2015-05-26 14:36 ` Alexander Holler
2015-05-29 5:57 ` Alexander Holler
2015-05-10 2:15 ` David Miller
2015-05-20 14:19 ` [PATCH iproute2-next 0/6] Allow to monitor 'all-nsid' with ip and ip xfrm Nicolas Dichtel
2015-05-20 14:19 ` [PATCH iproute2-next 1/6] include: update linux/netlink.h Nicolas Dichtel
2015-05-20 14:19 ` [PATCH iproute2-next 2/6] man: update ip monitor page Nicolas Dichtel
2015-05-20 14:19 ` [PATCH iproute2-next 3/6] libnetlink: introduce rtnl_listen_filter_t Nicolas Dichtel
2015-05-20 14:19 ` [PATCH iproute2-next 4/6] ipmonitor: introduce print_headers Nicolas Dichtel
2015-05-20 14:20 ` [PATCH iproute2-next 5/6] ipmonitor: allows to monitor in several netns Nicolas Dichtel
2015-05-20 14:20 ` [PATCH iproute2-next 6/6] xfrmmonitor: " Nicolas Dichtel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55631F22.90903@6wind.com \
--to=nicolas.dichtel@6wind.com \
--cc=davem@davemloft.net \
--cc=ebiederm@xmission.com \
--cc=holler@ahsoftware.de \
--cc=netdev@vger.kernel.org \
--cc=tgraf@suug.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.