From: "Julius Volz" <juliusv@google.com>
To: "Patrick McHardy" <kaber@trash.net>
Cc: "Simon Horman" <horms@verge.net.au>,
"Vince Busam" <vbusam@google.com>,
"Ben Greear" <greearb@candelatech.com>,
lvs-devel@vger.kernel.org, netdev@vger.kernel.org
Subject: Re: [PATCH 00/26] IPVS: Add first IPv6 support to IPVS.
Date: Mon, 16 Jun 2008 02:14:00 +0200 [thread overview]
Message-ID: <f4845fc0806151714r515545b1l443200d3377b59ad@mail.gmail.com> (raw)
In-Reply-To: <48528EED.7090307@trash.net>
On Fri, Jun 13, 2008 at 5:14 PM, Patrick McHardy <kaber@trash.net> wrote:
> Julius Volz wrote:
>> As for compatibility and extensibility, how is that best achieved with
>> netlink? I've seen some examples copy whole C structs into netlink
>> datagrams, but that is obviously what we don't want anymore. So the
>> way to go seems to be to transfer each struct field as a separate
>> netlink attribute, right?
>
> Yes. You can also group those which belong together logically
> in nested attributes.
Thanks. I've now looked closer at Netlink and read the Genetlink implementation.
For the new IPVS interface, is there a preference for the granularity
of the top-level Genetlink operations?
I see three naive possibilities (one Genetlink op per line), if we
start out with a straight mapping from the old API to the new one:
a)
SET - covers all of previous IP_VS_SO_SET_*
GET - covers all of previous IP_VS_SO_GET_*
b) more split up
ADD - services and destinations
EDIT - services and destinations
DEL - services and destinations
SETTIMEOUT
STARTDAEMON
STOPDAEMON
ZERO
(+ granular GET commands...)
c) totally split up
ADD_SVC
ADD_DEST
EDIT_SVC
EDIT_DEST
DEL_SVC
DEL_DEST
SETTIMEOUT
STARTDAEMON
STOPDAEMON
ZERO
(+ granular GET commands...)
I find http://www.linuxfoundation.org/en/Net:Generic_Netlink_HOWTO saying:
===========================
Operation Granularity
While it may be tempting to register a single operation for a Generic
Netlink family and multiplex multiple sub-commands on the single
operation, this is strongly discouraged for security reasons.
Combining multiple behaviors into one operation makes it difficult to
restrict the operations using the existing Linux kernel security
mechanisms.
===========================
Option c) looks reasonable to me and also seems easy to handle in
general. Is this the way to go? Or do we want the interface to look
completely different this time?
Julius
--
Google Switzerland GmbH
next prev parent reply other threads:[~2008-06-16 0:14 UTC|newest]
Thread overview: 76+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-06-11 17:11 [PATCH 00/26] IPVS: Add first IPv6 support to IPVS Julius R. Volz
2008-06-11 17:11 ` [PATCH 01/26] IPVS: Add CONFIG_IP_VS_IPV6 option for IPv6 support Julius R. Volz
2008-06-11 17:11 ` [PATCH 02/26] IPVS: Change IPVS data structures to support IPv6 addresses Julius R. Volz
2008-06-11 17:12 ` Patrick McHardy
[not found] ` <f4845fc0806111041u2a9a197fseefe300ffbbda3c3@mail.gmail.com>
[not found] ` <485010E9.6000506@trash.net>
2008-06-11 18:08 ` Julius Volz
2008-06-12 1:54 ` Brian Haley
2008-06-12 9:47 ` Julius Volz
2008-06-11 17:11 ` [PATCH 03/26] IPVS: Use new address family fields in IPVS structs Julius R. Volz
2008-06-11 17:11 ` [PATCH 04/26] IPVS: Add address family specific debugging macros Julius R. Volz
2008-06-11 17:11 ` [PATCH 05/26] IPVS: Use new " Julius R. Volz
2008-06-11 17:14 ` Patrick McHardy
2008-06-11 17:11 ` [PATCH 06/26] IPVS: Add IPv6-specific function pointers to struct ip_vs_protocol Julius R. Volz
2008-06-11 17:11 ` [PATCH 07/26] IPVS: Add IPv6 handler functions to AH protocol handler Julius R. Volz
2008-06-11 17:11 ` [PATCH 08/26] IPVS: Add IPv6 handler functions to ESP " Julius R. Volz
2008-06-11 17:11 ` [PATCH 09/26] IPVS: Add IPv6 handler functions to TCP " Julius R. Volz
2008-06-11 17:11 ` [PATCH 10/26] IPVS: Add IPv6 handler functions to UDP " Julius R. Volz
2008-06-11 17:18 ` Patrick McHardy
2008-06-11 17:11 ` [PATCH 11/26] IPVS: Add supports_ipv6 flag to schedulers Julius R. Volz
2008-06-11 17:11 ` [PATCH 12/26] IPVS: Extend proto handler debug functions to handle IPv6 Julius R. Volz
2008-06-11 17:17 ` Patrick McHardy
2008-06-11 17:11 ` [PATCH 13/26] IPVS: Turn off FTP application helper for IPv6 Julius R. Volz
2008-06-11 17:11 ` [PATCH 14/26] IPVS: Extend xmit routing cache to support IPv6 Julius R. Volz
2008-06-11 17:11 ` [PATCH 15/26] IPVS: Modify IP_VS_XMIT() " Julius R. Volz
2008-06-11 17:11 ` [PATCH 16/26] IPVS: Add IPv6 xmit forwarding functions Julius R. Volz
2008-06-12 1:55 ` Brian Haley
2008-06-11 17:12 ` [PATCH 17/26] IPVS: Add connection hashing function for IPv6 entries Julius R. Volz
2008-06-11 17:12 ` [PATCH 18/26] IPVS: Add functions for getting/creating IPv6 connections Julius R. Volz
2008-06-12 1:55 ` Brian Haley
2008-06-11 17:12 ` [PATCH 19/26] IPVS: Add scheduling functions for " Julius R. Volz
2008-06-11 17:12 ` [PATCH 20/26] IPVS: Add IPv6 Netfilter hooks and add/modify support functions Julius R. Volz
2008-06-12 1:55 ` Brian Haley
2008-06-11 17:12 ` [PATCH 21/26] IPVS: Make proc/net files output IPv6 entries correctly Julius R. Volz
2008-06-11 17:12 ` [PATCH 22/26] IPVS: Add function to find out if IPv6 address is local Julius R. Volz
2008-06-11 17:12 ` [PATCH 23/26] IPVS: Add hash functions for IPv6 services and real servers Julius R. Volz
2008-06-11 17:12 ` [PATCH 24/26] IPVS: Add IPv6 support to userspace interface Julius R. Volz
2008-06-12 1:55 ` Brian Haley
2008-06-12 9:46 ` Julius Volz
2008-06-11 17:12 ` [PATCH 25/26] IPVS: Add support for IPv6 entry output in procfs files Julius R. Volz
2008-06-11 17:12 ` [PATCH 26/26] IPVS: Add some blame/credits for IPv6 version Julius R. Volz
2008-06-11 17:23 ` [PATCH 00/26] IPVS: Add first IPv6 support to IPVS Patrick McHardy
2008-06-11 18:23 ` Julius Volz
2008-06-11 18:42 ` Patrick McHardy
2008-06-11 19:05 ` Julius Volz
2008-06-11 19:10 ` Patrick McHardy
2008-06-11 19:29 ` Julius Volz
2008-06-11 19:31 ` Patrick McHardy
2008-06-11 19:53 ` Julius Volz
2008-06-11 20:14 ` Julius Volz
2008-06-11 20:55 ` Vince Busam
2008-06-11 21:30 ` Ben Greear
2008-06-11 22:26 ` Vince Busam
2008-06-12 1:45 ` Simon Horman
2008-06-12 13:31 ` Julius Volz
2008-06-12 13:38 ` Patrick McHardy
2008-06-12 15:34 ` Julius Volz
2008-06-12 15:41 ` Julius Volz
2008-06-12 15:46 ` Patrick McHardy
2008-06-12 19:33 ` Julius Volz
2008-06-13 6:26 ` Simon Horman
2008-06-13 14:17 ` Julius Volz
2008-06-13 15:14 ` Patrick McHardy
2008-06-16 0:14 ` Julius Volz [this message]
2008-06-16 11:47 ` Patrick McHardy
2008-06-16 12:13 ` Julius Volz
2008-06-16 23:19 ` Julius Volz
2008-06-17 11:52 ` Patrick McHardy
2008-06-17 17:18 ` Julius Volz
2008-06-17 20:08 ` Patrick McHardy
2008-06-17 22:47 ` Julius Volz
2008-06-18 8:57 ` Patrick McHardy
2008-06-18 14:17 ` Julius Volz
2008-06-18 14:19 ` Patrick McHardy
2008-06-18 14:27 ` Julius Volz
2008-06-18 14:30 ` Patrick McHardy
2008-06-18 14:36 ` Julius Volz
2008-06-30 12:01 ` Julius Volz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f4845fc0806151714r515545b1l443200d3377b59ad@mail.gmail.com \
--to=juliusv@google.com \
--cc=greearb@candelatech.com \
--cc=horms@verge.net.au \
--cc=kaber@trash.net \
--cc=lvs-devel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=vbusam@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).