From: Jiri Benc <jbenc@redhat.com>
To: Wolfgang Bumiller <w.bumiller@proxmox.com>
Cc: Christian Brauner <christian.brauner@canonical.com>,
Christian Brauner <christian.brauner@ubuntu.com>,
davem@davemloft.net, dsahern@gmail.com, fw@strlen.de,
daniel@iogearbox.net, lucien.xin@gmail.com,
mschiffer@universe-factory.net, jakub.kicinski@netronome.com,
vyasevich@gmail.com, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org, stephen@networkplumber.org
Subject: Re: [PATCH net-next 1/1] rtnetlink: request RTM_GETLINK by pid or fd
Date: Tue, 23 Jan 2018 11:42:30 +0100 [thread overview]
Message-ID: <20180123114230.34b763c1@redhat.com> (raw)
In-Reply-To: <20180123102658.wll4xb7ewjjy5x55@olga.proxmox.com>
On Tue, 23 Jan 2018 11:26:58 +0100, Wolfgang Bumiller wrote:
> Even if you know the netnsid, do the mentioned watches work for
> nested/child namespaces if eg. a container creates new namespace before
> and/or after the watch was established and moves interfaces to these
> child namespaces, would you just see them disappear, or can you keep
> track of them later on as well?
What do you mean by "nested namespaces"? There's no such thing for net
name spaces.
As for missing API to get netnsid of the netns the interface is moved
to, see my previous emails in this thread. This needs to be added.
> Even if that works, from what the documentation tells me netlink is an
> unreliable protocol, so if my watcher's socket buffer is full, wouldn't
> I be losing important tracking information?
Sure. But that's fundamentally unfixable independently on netlink, the
kernel needs to take an action if a program is not reading its
messages. Either some messages get dropped or the program is killed or
infinite amount of memory is consumed. This has nothing to do with uAPI
design.
> I think one possible solution to tracking interfaces would be to have a
> unique identifier that never changes (even if it's just a simple
> uint64_t incremented whenever an interface is created). But since
> they're not local to the current namespace that may require a lot of
> extra permission checks (but I'm just speculating here...).
You'll get a hard NACK from CRIU folks if you try to propose this.
> In any case, IFLA_NET_NS_FD/PID are already there and I had been
> wondering previously why they couldn't be used with RTM_GETLINK, it
> would just make sense.
Those predate netnsids and we can't get rid of them now, since they're
part of uAPI. But we can (and should) make sure we don't add more of
those.
Jiri
next prev parent reply other threads:[~2018-01-23 10:42 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-18 20:21 [PATCH net-next 0/1] rtnetlink: request RTM_GETLINK by pid or fd Christian Brauner
2018-01-18 20:21 ` [PATCH net-next 1/1] " Christian Brauner
2018-01-18 20:29 ` Jiri Benc
2018-01-18 20:55 ` Christian Brauner
2018-01-22 21:00 ` Jiri Benc
2018-01-22 21:23 ` Christian Brauner
2018-01-22 22:06 ` Jiri Benc
2018-01-22 22:25 ` Christian Brauner
2018-01-23 9:30 ` Jiri Benc
2018-01-23 10:26 ` Wolfgang Bumiller
2018-01-23 10:42 ` Jiri Benc [this message]
[not found] ` <20180123114218.vsm5nu2jajrqjvko@gmail.com>
2018-01-23 12:22 ` Jiri Benc
2018-01-23 16:55 ` Nicolas Dichtel
2018-01-23 18:05 ` Christian Brauner
2018-01-24 11:32 ` [PATCH net-next 0/3] rtnetlink: enable IFLA_IF_NETNSID for RTM_{DEL,SET}LINK Christian Brauner
2018-01-24 11:32 ` [PATCH net-next 1/3] rtnetlink: enable IFLA_IF_NETNSID in do_setlink() Christian Brauner
2018-01-24 11:52 ` [PATCH net-next 2/3] rtnetlink: enable IFLA_IF_NETNSID for RTM_SETLINK Christian Brauner
2018-01-24 11:53 ` [PATCH net-next 3/3] rtnetlink: enable IFLA_IF_NETNSID for RTM_DELLINK Christian Brauner
2018-01-23 16:50 ` [PATCH net-next 1/1] rtnetlink: request RTM_GETLINK by pid or fd Nicolas Dichtel
2018-01-23 16:37 ` Nicolas Dichtel
2018-01-23 17:08 ` Jiri Benc
2018-01-24 10:53 ` Nicolas Dichtel
2018-01-24 11:03 ` Jiri Benc
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180123114230.34b763c1@redhat.com \
--to=jbenc@redhat.com \
--cc=christian.brauner@canonical.com \
--cc=christian.brauner@ubuntu.com \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=dsahern@gmail.com \
--cc=fw@strlen.de \
--cc=jakub.kicinski@netronome.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lucien.xin@gmail.com \
--cc=mschiffer@universe-factory.net \
--cc=netdev@vger.kernel.org \
--cc=stephen@networkplumber.org \
--cc=vyasevich@gmail.com \
--cc=w.bumiller@proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).