From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 361D1C43381 for ; Wed, 6 Mar 2019 06:43:25 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 09F4020652 for ; Wed, 6 Mar 2019 06:43:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727181AbfCFGnX (ORCPT ); Wed, 6 Mar 2019 01:43:23 -0500 Received: from mail-qt1-f195.google.com ([209.85.160.195]:38566 "EHLO mail-qt1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725601AbfCFGnX (ORCPT ); Wed, 6 Mar 2019 01:43:23 -0500 Received: by mail-qt1-f195.google.com with SMTP id s1so11712696qte.5 for ; Tue, 05 Mar 2019 22:43:22 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=vzP6YtkpQymWKvXYcMlmzv6YzqJukXXnWly11ljG/Fo=; b=Gjnd8H0Hn/XUBDxG8JS2F5NDqVFVwH1IhvXiX9bURB5L5ibQhs6BS5F8TBxQyg5CBM 1qkghj8RTHIJBlyVURh8kUb/dDM2y+ttXtav0IyxmQx2yvsyx/cUe40zoDsAwzLUnV3e 084Q4ga3fhgNM584OBheF6u4OCl0prtHqd4A6TG2bOhxmSYfy94rsok4Zs/ztovEC6nX aOLrfGHELqaJ0OkSa5eOVJphwcpHYyWQH3Ej8djtlejHAx96fHRr7Qm9qIsX9t10iyjq sIfCfptb8kmbqagQ8ZYlGvfiBopcT9Q0s3fkD/nOWp5jnyIjwOskl0FzQDF7Cu/SY0eB moFw== X-Gm-Message-State: APjAAAURv46kDraJj0iYzEh5FdHFexfJ6PJON2BIj7h1pck2SBVi6La4 C0XCKM0abCjE2iiK3S0TfPWKOA== X-Google-Smtp-Source: APXvYqx1mkAMkkNnXDGkMWjXCRIhFkJwdrbzG3N6CvV88CKJONjKwBX8QB2HzpjYBwKu0o48Kmuc8Q== X-Received: by 2002:ad4:42c9:: with SMTP id f9mr5148812qvr.218.1551854602108; Tue, 05 Mar 2019 22:43:22 -0800 (PST) Received: from redhat.com (pool-173-76-246-42.bstnma.fios.verizon.net. [173.76.246.42]) by smtp.gmail.com with ESMTPSA id a13sm621473qtb.6.2019.03.05.22.43.20 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Mar 2019 22:43:21 -0800 (PST) Date: Wed, 6 Mar 2019 01:43:18 -0500 From: "Michael S. Tsirkin" To: si-wei liu Cc: Stephen Hemminger , Sridhar Samudrala , Jakub Kicinski , Jiri Pirko , David Miller , Netdev , virtualization@lists.linux-foundation.org, liran.alon@oracle.com, boris.ostrovsky@oracle.com, vijay.balakrishna@oracle.com Subject: Re: [RFC PATCH net-next] failover: allow name change on IFF_UP slave interfaces Message-ID: <20190306013255-mutt-send-email-mst@kernel.org> References: <1551747059-11831-1-git-send-email-si-wei.liu@oracle.com> <20190304213032-mutt-send-email-mst@kernel.org> <20190305112427.1a23822e@shemminger-XPS-13-9360> <9448ae8f-c4e0-58a4-ff46-2f2951113d1e@oracle.com> <20190305190325-mutt-send-email-mst@kernel.org> <8737e985-f418-7002-c8b5-0023d1c4a453@oracle.com> <20190305193439-mutt-send-email-mst@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On Tue, Mar 05, 2019 at 04:51:00PM -0800, si-wei liu wrote: > > > On 3/5/2019 4:36 PM, Michael S. Tsirkin wrote: > > On Tue, Mar 05, 2019 at 04:20:50PM -0800, si-wei liu wrote: > > > > > > On 3/5/2019 4:06 PM, Michael S. Tsirkin wrote: > > > > On Tue, Mar 05, 2019 at 11:35:50AM -0800, si-wei liu wrote: > > > > > On 3/5/2019 11:24 AM, Stephen Hemminger wrote: > > > > > > On Tue, 5 Mar 2019 11:19:32 -0800 > > > > > > si-wei liu wrote: > > > > > > > > > > > > > > I have a vague idea: would it work to *not* set > > > > > > > > IFF_UP on slave devices at all? > > > > > > > Hmm, I ever thought about this option, and it appears this solution is > > > > > > > more invasive than required to convert existing scripts, despite the > > > > > > > controversy of introducing internal netdev state to differentiate user > > > > > > > visible state. Either we disallow slave to be brought up by user, or to > > > > > > > not set IFF_UP flag but instead use the internal one, could end up with > > > > > > > substantial behavioral change that breaks scripts. Consider any admin > > > > > > > script that does `ip link set dev ... up' successfully just assumes the > > > > > > > link is up and subsequent operation can be done as usual. > > > > How would it work when carrier is off? > > > > > > > > > While it *may* > > > > > > > work for dracut (yet to be verified), I'm a bit concerned that there are > > > > > > > more scripts to be converted than those that don't follow volatile > > > > > > > failover slave names. It's technically doable, but may not worth the > > > > > > > effort (in terms of porting existing scripts/apps). > > > > > > > > > > > > > > Thanks > > > > > > > -Siwei > > > > > > Won't work for most devices. Many devices turn off PHY and link layer > > > > > > if not IFF_UP > > > > > True, that's what I said about introducing internal state for those driver > > > > > and other kernel component. Very invasive change indeed. > > > > > > > > > > -Siwei > > > > Well I did say it's vague. > > > > How about hiding IFF_UP from dev_get_flags (and probably > > > > __dev_change_flags)? > > > > > > > Any different? This has small footprint for the kernel change for sure, > > > while the discrepancy is still there. Anyone who writes code for IFF_UP will > > > not notice IFF_FAILOVER_SLAVE. > > > > > > Not to mention more userspace "fixup" work has to be done due to this > > > change. > > > > > > -Siwei > > > > > > > > Point is it's ok since most userspace should just ignore slaves > > - hopefully it will just ignore it since it already > > ignores interfaces that are down. > Admin script thought the interface could be bright up and do further > operations without checking the UP flag. These scripts then would be broken on any box with multiple interfaces since not all of these would have carrier. > It doesn't look to be a reliable > way of prohibit userspace from operating against slaves. > > -Siwei > > This does not mean we shouldn't make an effort to disable broken configurations. I am not arguing against your patch. Not at all. I see better hiding of slaves as a separate enhancement. Acked-by: Michael S. Tsirkin -- MST