Re: Using VRF to limit 'ip monitor' and 'iw event' messages

Netdev List
 help / color / mirror / Atom feed

From: Ben Greear <greearb@candelatech.com>
To: David Ahern <dsahern@kernel.org>
Cc: John-Paul Powers <john-paul.powers@candelatech.com>,
	netdev <netdev@vger.kernel.org>
Subject: Re: Using VRF to limit 'ip monitor' and 'iw event' messages
Date: Wed, 20 May 2026 14:47:57 -0700	[thread overview]
Message-ID: <ed746b0a-3e15-34f7-e8dd-28099bfbb8fb@candelatech.com> (raw)
In-Reply-To: <b5d12c16-ef45-4d55-821a-6366b9f7510d@kernel.org>

On 5/19/26 17:15, David Ahern wrote:
> On 5/19/26 8:04 AM, Ben Greear wrote:
>>
>> At least many ip events are related to a network interface, so we could
>> add meta data about that to the netlink msg path and then filter
>> before it gets sent to the listener netlink sockets...
> 
> As I recall this problem has been discussed a few times.
> 
> There can be many netlink listeners - e.g., ip monitor, frr, ...
> 
> The lower level code (ie., the one generating the notification) has no
> idea how many sockets will receive the message and which ones will want
> some filter to be applied to the message before attaching to the socket.
> 
> The higher level code (netlink sockets) has no idea of the content of
> the message, so the ability to run a generic filter that is appropriate
> for netlink level is really difficult.
> 
>>
>> Given a network device, is there an efficient way to get the vrf-id
>> to which it belongs?
>>
> 
> yes, that is true for ip route, link, neigh, addr, tc, ... not so much
> for other netlink users.

We have it at least partially working now, it seems like it will not be as bad as I had feared.

For our purposes, filtering most of the unwanted messages should be sufficient, and anything
we cannot easily figure out the ifindex for, we'll just pass on to the socket.

We'll post a patch for consideration once we get some more edge cases sorted out
and some more testing completed.

Thanks,
Ben

-- 
Ben Greear <greearb@candelatech.com>
Candela Technologies Inc  http://www.candelatech.com

     prev parent reply	other threads:[~2026-05-20 21:48 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-05-18 21:51 Using VRF to limit 'ip monitor' and 'iw event' messages Ben Greear
2026-05-19  2:59 ` David Ahern
2026-05-19 14:04   ` Ben Greear
2026-05-20  0:15     ` David Ahern
2026-05-20 21:47       ` Ben Greear [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ed746b0a-3e15-34f7-e8dd-28099bfbb8fb@candelatech.com \
    --to=greearb@candelatech.com \
    --cc=dsahern@kernel.org \
    --cc=john-paul.powers@candelatech.com \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox