Re: [PATCH net-next] net: ipv6: put autoconf routes into per-interface tables

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: David Miller <davem@davemloft.net>
To: lorenzo@google.com
Cc: temnota.am@gmail.com, netdev@vger.kernel.org
Subject: Re: [PATCH net-next] net: ipv6: put autoconf routes into per-interface tables
Date: Wed, 11 Jan 2017 09:11:39 -0500 (EST)	[thread overview]
Message-ID: <20170111.091139.1754139535517451753.davem@davemloft.net> (raw)
In-Reply-To: <CAKD1Yr3nfOp1LNfvVuTGZyThwu8Z+gaSN-DVaa11ZJYR+tMemg@mail.gmail.com>

From: Lorenzo Colitti <lorenzo@google.com>
Date: Wed, 11 Jan 2017 02:47:55 +0900

> On Tue, Jan 10, 2017 at 10:21 PM, Andrey Jr. Melnikov
> <temnota.am@gmail.com> wrote:
>>
>> > >>> I have no firsthand experience of this myself, but if the problems
>> > >>> that Andrey reports above in this thread are real, then those would
>> > >>> indicate that the code is not well-supported. Being unable to accept
>> > >>> DAD is a pretty serious issue. Andrey, what version of the kernel did
>> > >>> you see this on?
>>
>> Good catch. I'm running 4.8 without this patch. Current 4.10-rc works. Sorry
>> for noise.
> 
> Ack. As I said before, I haven't seen this myself. Shouldn't have made
> assertions without firsthand evidence.
> 
> That said, I think this patch is useful even though autoconf on VRFs
> works the same way. One reason is the example I provided above: it
> works even for interfaces that don't exist yet, whereas a VRF has to
> be created ahead of time, which means that the interface cannot
> immediately come up and receive an RA or its configuration will be
> incorrect.
> 
> I also think that from a configuration perspective it's not
> necessarily useful to have one VRF for every interface, but that sort
> of depends on your point of view. Perhaps it's fine on a client system
> to have both vrf-wlan0 and wlan0, and vrf-eth0 and eth0. That might be
> confusing to users but maybe users don't really care?
> 
> More in general I think that using a VRFs is buying into a bigger set
> of assumptions/restrictions than this patch does. For example, if I'm
> reading ipv6_dev_get_saddr correctly, once you put an interface in a
> VRF you can't really use the weak host model any more, because the
> stack won't pick a source address from outside the VRF if the route
> lookup returned a route in the VRF. Turning on the functionality in
> patch is a more minimal change that only affects autoconf.

I understand what you're saying, but if you look at how apps can be
put into hierarchical control groups, and automatically bind to VRF's
based upon where they are in that cgroup hierarchy, it matches your
use case precisely.

Maybe the setup is not ideal, but architectually it does everything
you want.  And we strongly try to avoid adding multiple ways to do the
same thing.

next prev parent reply	other threads:[~2017-01-11 14:11 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-01-06 15:30 [PATCH net-next] net: ipv6: put autoconf routes into per-interface tables Lorenzo Colitti
2017-01-08  4:24 ` David Ahern
2017-01-09 21:53   ` Andrey Jr. Melnikov
2017-01-10  2:01   ` Lorenzo Colitti
2017-01-10  2:08     ` David Ahern
2017-01-10  2:29       ` Lorenzo Colitti
2017-01-10  3:04         ` David Ahern
2017-01-10  3:30           ` Lorenzo Colitti
2017-01-10  3:39             ` David Ahern
2017-01-10 13:21               ` Andrey Jr. Melnikov
2017-01-10 17:47                 ` Lorenzo Colitti
2017-01-11 14:11                   ` David Miller [this message]
2017-01-11 16:46                     ` Lorenzo Colitti
2017-01-12 15:17     ` David Ahern

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170111.091139.1754139535517451753.davem@davemloft.net \
    --to=davem@davemloft.net \
    --cc=lorenzo@google.com \
    --cc=netdev@vger.kernel.org \
    --cc=temnota.am@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).