From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Patrick McHardy <kaber@trash.net>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: nft netdev family bindings
Date: Fri, 5 Jun 2015 17:58:27 +0200 [thread overview]
Message-ID: <20150605155827.GA3505@salvia> (raw)
In-Reply-To: <20150605133533.GA4024@acer.localdomain>
On Fri, Jun 05, 2015 at 03:35:33PM +0200, Patrick McHardy wrote:
> Hi Pablo,
>
> looking at the netdev syntax:
>
> table netdev eth0 {
> device eth0;
> ...
>
> I think this "device" specification is inconsistent with out normal use
> of handles. Usually the table_spec contains the fully qualified handle,
> which in this case needs to include the device.
>
> Consider:
>
> table netdev somename {
> device eth0;
> ...
>
> table netdev somename {
> device eth1;
> ...
I see, you mean the same name:
# nft add table netdev somename { device eth0 \; }
# nft add table netdev somename { device eth1 \; }
I can see this is not working fine now, since the second invocation is
considered an update. But the kernel should bail out with EBUSY IMO.
> Without including the device in the table handle, the name alone is amiguitios.
The table name should be unique as with other families. Then, probably
the device doesn't belong to the handle.
> I'd propose to use
>
> table netdev <dev> <name>
>
> Just as we have the family in the handle.
I've considering to allow to bind a table to an input device from
other families as something optional. From the hardware offload
perspective we would need this too if we want to offload the
forwarding table.
Let me know, thanks!
next prev parent reply other threads:[~2015-06-05 15:53 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-06-05 13:35 nft netdev family bindings Patrick McHardy
2015-06-05 15:58 ` Pablo Neira Ayuso [this message]
2015-06-05 15:59 ` Patrick McHardy
2015-06-05 16:47 ` Patrick McHardy
2015-06-08 11:40 ` Pablo Neira Ayuso
2015-06-09 9:23 ` Patrick McHardy
2015-06-09 10:52 ` Pablo Neira Ayuso
2015-06-09 10:57 ` Patrick McHardy
2015-06-09 11:46 ` Pablo Neira Ayuso
2015-06-09 12:13 ` Patrick McHardy
2015-06-10 14:02 ` Pablo Neira Ayuso
2015-06-10 15:37 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150605155827.GA3505@salvia \
--to=pablo@netfilter.org \
--cc=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).