From: Steffen Klassert <steffen.klassert@secunet.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>, netdev@vger.kernel.org
Subject: Re: Namespaces and inetpeer
Date: Tue, 13 Mar 2012 10:41:11 +0100 [thread overview]
Message-ID: <20120313094111.GN15404@secunet.com> (raw)
In-Reply-To: <20120312121130.GA17547@gondor.apana.org.au>
On Mon, Mar 12, 2012 at 11:11:30PM +1100, Herbert Xu wrote:
> On Mon, Mar 12, 2012 at 09:57:56AM +0100, Steffen Klassert wrote:
> >
> > Actually, it would be nice if we could have an inetpeer base per
> > fib table. This would imply namespace awareness and it would
> > handle the problem when we have mulitiple routes (with different
> > metrics etc.) to the same ip address on policy routing.
>
> How would you handle incoming ICMP need-to-frag messages?
>
I thought we could do a (reverse) lookup for the fib table
on incomming ICMP messages. While this would probaply work
if the source address etc. was used as the lookup key for the
initial fib table lookup, this is a real problem if a netfilter
mark was used as the lookup key.
While looking closer at this issue, I've got some doubts if we
ever handled the metrics correct when we choose the fib tables
based on marks. And indeed, in this case it never really worked.
When we updated the mtu based on an incomming ICMP from a certain
IP address, all routes to this ip address used this updated mtu.
If we choose the fib table based on source addresses, it worked as
long as we cached the metrics in the routing cache entries.
While we probaply could fix this case, I don't see how we can handle
the metrics when the initial fib table lookup is base on marks.
prev parent reply other threads:[~2012-03-13 9:41 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-10 13:25 Namespaces and inetpeer Herbert Xu
2012-03-12 8:57 ` Steffen Klassert
2012-03-12 9:35 ` David Miller
2012-03-12 9:58 ` Steffen Klassert
2012-03-12 10:05 ` David Miller
2012-03-12 12:11 ` Herbert Xu
2012-03-13 9:41 ` Steffen Klassert [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120313094111.GN15404@secunet.com \
--to=steffen.klassert@secunet.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).