* [PATCH net-next v1] net: evaluate net.conf.ipvX.all.ignore_routes_with_linkdown
@ 2020-10-17 12:50 Vincent Bernat
2020-10-20 0:53 ` Jakub Kicinski
2020-10-20 2:57 ` David Ahern
0 siblings, 2 replies; 7+ messages in thread
From: Vincent Bernat @ 2020-10-17 12:50 UTC (permalink / raw)
To: David S. Miller, Jakub Kicinski, Jonathan Corbet, netdev,
Andy Gospodarek, David Ahern
Cc: Vincent Bernat
Introduced in 0eeb075fad73, the "ignore_routes_with_linkdown" sysctl
ignores a route whose interface is down. It is provided as a
per-interface sysctl. However, while a "all" variant is exposed, it
was a noop since it was never evaluated. We use the usual "or" logic
for this kind of sysctls.
Tested with:
ip link add type veth # veth0 + veth1
ip link add type veth # veth1 + veth2
ip link set up dev veth0
ip link set up dev veth1 # link-status paired with veth0
ip link set up dev veth2
ip link set up dev veth3 # link-status paired with veth2
# First available path
ip -4 addr add 203.0.113.${uts#H}/24 dev veth0
ip -6 addr add 2001:db8:1::${uts#H}/64 dev veth0
# Second available path
ip -4 addr add 192.0.2.${uts#H}/24 dev veth2
ip -6 addr add 2001:db8:2::${uts#H}/64 dev veth2
# More specific route through first path
ip -4 route add 198.51.100.0/25 via 203.0.113.254 # via veth0
ip -6 route add 2001:db8:3::/56 via 2001:db8:1::ff # via veth0
# Less specific route through second path
ip -4 route add 198.51.100.0/24 via 192.0.2.254 # via veth2
ip -6 route add 2001:db8:3::/48 via 2001:db8:2::ff # via veth2
# H1: enable on "all"
# H2: enable on "veth0"
for v in ipv4 ipv6; do
case $uts in
H1)
sysctl -qw net.${v}.conf.all.ignore_routes_with_linkdown=1
;;
H2)
sysctl -qw net.${v}.conf.veth0.ignore_routes_with_linkdown=1
;;
esac
done
set -xe
# When veth0 is up, best route is through veth0
ip -o route get 198.51.100.1 | grep -Fw veth0
ip -o route get 2001:db8:3::1 | grep -Fw veth0
# When veth0 is down, best route should be through veth2 on H1/H2,
# but on veth0 on H2
ip link set down dev veth1 # down veth0
ip route show
[ $uts != H3 ] || ip -o route get 198.51.100.1 | grep -Fw veth0
[ $uts != H3 ] || ip -o route get 2001:db8:3::1 | grep -Fw veth0
[ $uts = H3 ] || ip -o route get 198.51.100.1 | grep -Fw veth2
[ $uts = H3 ] || ip -o route get 2001:db8:3::1 | grep -Fw veth2
Without this patch, the two last lines would fail on H1 (the one using
the "all" sysctl). With the patch, everything succeeds as expected.
Also document the sysctl in `ip-sysctl.rst`.
Fixes: 0eeb075fad73 ("net: ipv4 sysctl option to ignore routes when nexthop link is down")
Signed-off-by: Vincent Bernat <vincent@bernat.ch>
---
Documentation/networking/ip-sysctl.rst | 3 +++
include/linux/inetdevice.h | 2 +-
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst
index 837d51f9e1fa..fb6e4658fd4f 100644
--- a/Documentation/networking/ip-sysctl.rst
+++ b/Documentation/networking/ip-sysctl.rst
@@ -1552,6 +1552,9 @@ igmpv3_unsolicited_report_interval - INTEGER
Default: 1000 (1 seconds)
+ignore_routes_with_linkdown - BOOLEAN
+ Ignore routes whose link is down when performing a FIB lookup.
+
promote_secondaries - BOOLEAN
When a primary IP address is removed from this interface
promote a corresponding secondary IP address instead of
diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h
index 3515ca64e638..3bbcddd22df8 100644
--- a/include/linux/inetdevice.h
+++ b/include/linux/inetdevice.h
@@ -126,7 +126,7 @@ static inline void ipv4_devconf_setall(struct in_device *in_dev)
IN_DEV_ORCONF((in_dev), ACCEPT_REDIRECTS)))
#define IN_DEV_IGNORE_ROUTES_WITH_LINKDOWN(in_dev) \
- IN_DEV_CONF_GET((in_dev), IGNORE_ROUTES_WITH_LINKDOWN)
+ IN_DEV_ORCONF((in_dev), IGNORE_ROUTES_WITH_LINKDOWN)
#define IN_DEV_ARPFILTER(in_dev) IN_DEV_ORCONF((in_dev), ARPFILTER)
#define IN_DEV_ARP_ACCEPT(in_dev) IN_DEV_ORCONF((in_dev), ARP_ACCEPT)
--
2.28.0
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH net-next v1] net: evaluate net.conf.ipvX.all.ignore_routes_with_linkdown
2020-10-17 12:50 [PATCH net-next v1] net: evaluate net.conf.ipvX.all.ignore_routes_with_linkdown Vincent Bernat
@ 2020-10-20 0:53 ` Jakub Kicinski
2020-10-20 2:56 ` David Ahern
2020-10-20 6:20 ` Vincent Bernat
2020-10-20 2:57 ` David Ahern
1 sibling, 2 replies; 7+ messages in thread
From: Jakub Kicinski @ 2020-10-20 0:53 UTC (permalink / raw)
To: Vincent Bernat
Cc: David S. Miller, Jonathan Corbet, netdev, Andy Gospodarek, David Ahern
On Sat, 17 Oct 2020 14:50:11 +0200 Vincent Bernat wrote:
> Introduced in 0eeb075fad73, the "ignore_routes_with_linkdown" sysctl
> ignores a route whose interface is down. It is provided as a
> per-interface sysctl. However, while a "all" variant is exposed, it
> was a noop since it was never evaluated. We use the usual "or" logic
> for this kind of sysctls.
> Without this patch, the two last lines would fail on H1 (the one using
> the "all" sysctl). With the patch, everything succeeds as expected.
>
> Also document the sysctl in `ip-sysctl.rst`.
>
> Fixes: 0eeb075fad73 ("net: ipv4 sysctl option to ignore routes when nexthop link is down")
> Signed-off-by: Vincent Bernat <vincent@bernat.ch>
I'm not hearing any objections, but I have two questions:
- do you intend to merge it for 5.10 or 5.11? Because it has a fixes
tag, yet it's marked for net-next. If we put it in 5.10 it may get
pulled into stable immediately, knowing how things work lately.
- we have other sysctls that use IN_DEV_CONF_GET(),
e.g. "proxy_arp_pvlan" should those also be converted?
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH net-next v1] net: evaluate net.conf.ipvX.all.ignore_routes_with_linkdown
2020-10-20 0:53 ` Jakub Kicinski
@ 2020-10-20 2:56 ` David Ahern
2020-10-20 3:15 ` Jakub Kicinski
2020-10-20 6:20 ` Vincent Bernat
1 sibling, 1 reply; 7+ messages in thread
From: David Ahern @ 2020-10-20 2:56 UTC (permalink / raw)
To: Jakub Kicinski, Vincent Bernat
Cc: David S. Miller, Jonathan Corbet, netdev, Andy Gospodarek
On 10/19/20 6:53 PM, Jakub Kicinski wrote:
> On Sat, 17 Oct 2020 14:50:11 +0200 Vincent Bernat wrote:
>> Introduced in 0eeb075fad73, the "ignore_routes_with_linkdown" sysctl
>> ignores a route whose interface is down. It is provided as a
>> per-interface sysctl. However, while a "all" variant is exposed, it
>> was a noop since it was never evaluated. We use the usual "or" logic
>> for this kind of sysctls.
>
>> Without this patch, the two last lines would fail on H1 (the one using
>> the "all" sysctl). With the patch, everything succeeds as expected.
>>
>> Also document the sysctl in `ip-sysctl.rst`.
>>
>> Fixes: 0eeb075fad73 ("net: ipv4 sysctl option to ignore routes when nexthop link is down")
>> Signed-off-by: Vincent Bernat <vincent@bernat.ch>
>
> I'm not hearing any objections, but I have two questions:
> - do you intend to merge it for 5.10 or 5.11? Because it has a fixes
> tag, yet it's marked for net-next. If we put it in 5.10 it may get
> pulled into stable immediately, knowing how things work lately.
> - we have other sysctls that use IN_DEV_CONF_GET(),
> e.g. "proxy_arp_pvlan" should those also be converted?
>
The inconsistency with 'all' has been a major pain. In this case, I
think it makes sense. Blindly changing all of them I suspect will lead
to trouble. It is something reviewers should keep an eye on as sysctl
settings get added.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH net-next v1] net: evaluate net.conf.ipvX.all.ignore_routes_with_linkdown
2020-10-20 2:56 ` David Ahern
@ 2020-10-20 3:15 ` Jakub Kicinski
0 siblings, 0 replies; 7+ messages in thread
From: Jakub Kicinski @ 2020-10-20 3:15 UTC (permalink / raw)
To: David Ahern
Cc: Vincent Bernat, David S. Miller, Jonathan Corbet, netdev,
Andy Gospodarek
On Mon, 19 Oct 2020 20:56:36 -0600 David Ahern wrote:
> On 10/19/20 6:53 PM, Jakub Kicinski wrote:
> > On Sat, 17 Oct 2020 14:50:11 +0200 Vincent Bernat wrote:
> >> Introduced in 0eeb075fad73, the "ignore_routes_with_linkdown" sysctl
> >> ignores a route whose interface is down. It is provided as a
> >> per-interface sysctl. However, while a "all" variant is exposed, it
> >> was a noop since it was never evaluated. We use the usual "or" logic
> >> for this kind of sysctls.
> >
> >> Without this patch, the two last lines would fail on H1 (the one using
> >> the "all" sysctl). With the patch, everything succeeds as expected.
> >>
> >> Also document the sysctl in `ip-sysctl.rst`.
> >>
> >> Fixes: 0eeb075fad73 ("net: ipv4 sysctl option to ignore routes when nexthop link is down")
> >> Signed-off-by: Vincent Bernat <vincent@bernat.ch>
> >
> > I'm not hearing any objections, but I have two questions:
> > - do you intend to merge it for 5.10 or 5.11? Because it has a fixes
> > tag, yet it's marked for net-next. If we put it in 5.10 it may get
> > pulled into stable immediately, knowing how things work lately.
> > - we have other sysctls that use IN_DEV_CONF_GET(),
> > e.g. "proxy_arp_pvlan" should those also be converted?
>
> The inconsistency with 'all' has been a major pain. In this case, I
> think it makes sense. Blindly changing all of them I suspect will lead
> to trouble. It is something reviewers should keep an eye on as sysctl
> settings get added.
Just saying.. if Vincent had the time to clean them all up _carefully_,
it'd be less likely we'll see another one added through copy & paste :)
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH net-next v1] net: evaluate net.conf.ipvX.all.ignore_routes_with_linkdown
2020-10-20 0:53 ` Jakub Kicinski
2020-10-20 2:56 ` David Ahern
@ 2020-10-20 6:20 ` Vincent Bernat
2020-10-20 22:55 ` Jakub Kicinski
1 sibling, 1 reply; 7+ messages in thread
From: Vincent Bernat @ 2020-10-20 6:20 UTC (permalink / raw)
To: Jakub Kicinski; +Cc: David S. Miller, Jonathan Corbet, netdev, Andy Gospodarek
❦ 19 octobre 2020 17:53 -07, Jakub Kicinski:
> I'm not hearing any objections, but I have two questions:
> - do you intend to merge it for 5.10 or 5.11? Because it has a fixes
> tag, yet it's marked for net-next. If we put it in 5.10 it may get
> pulled into stable immediately, knowing how things work lately.
I have never been super-familiar with net/net-next. I am always using
net-next and let people sort it out.
> - we have other sysctls that use IN_DEV_CONF_GET(), e.g.
> "proxy_arp_pvlan" should those also be converted?
I can check them and do that.
--
Use library functions.
- The Elements of Programming Style (Kernighan & Plauger)
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH net-next v1] net: evaluate net.conf.ipvX.all.ignore_routes_with_linkdown
2020-10-20 6:20 ` Vincent Bernat
@ 2020-10-20 22:55 ` Jakub Kicinski
0 siblings, 0 replies; 7+ messages in thread
From: Jakub Kicinski @ 2020-10-20 22:55 UTC (permalink / raw)
To: Vincent Bernat; +Cc: David S. Miller, Jonathan Corbet, netdev, Andy Gospodarek
On Tue, 20 Oct 2020 08:20:43 +0200 Vincent Bernat wrote:
> ❦ 19 octobre 2020 17:53 -07, Jakub Kicinski:
> > I'm not hearing any objections, but I have two questions:
> > - do you intend to merge it for 5.10 or 5.11? Because it has a fixes
> > tag, yet it's marked for net-next. If we put it in 5.10 it may get
> > pulled into stable immediately, knowing how things work lately.
>
> I have never been super-familiar with net/net-next. I am always using
> net-next and let people sort it out.
Since there is some breakage potential I'd prefer to merge this change
into net-next and give it more testing. But net-next is currently
closed (don't pay attention to the graphic at vger).
If you wouldn't mind - please repost next week.
You can split out and repost the documentation change separately if you
want, that's a fix that can go into net right away.
> > - we have other sysctls that use IN_DEV_CONF_GET(), e.g.
> > "proxy_arp_pvlan" should those also be converted?
>
> I can check them and do that.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH net-next v1] net: evaluate net.conf.ipvX.all.ignore_routes_with_linkdown
2020-10-17 12:50 [PATCH net-next v1] net: evaluate net.conf.ipvX.all.ignore_routes_with_linkdown Vincent Bernat
2020-10-20 0:53 ` Jakub Kicinski
@ 2020-10-20 2:57 ` David Ahern
1 sibling, 0 replies; 7+ messages in thread
From: David Ahern @ 2020-10-20 2:57 UTC (permalink / raw)
To: Vincent Bernat, David S. Miller, Jakub Kicinski, Jonathan Corbet,
netdev, Andy Gospodarek
[ fix Andy's address ]
On 10/17/20 6:50 AM, Vincent Bernat wrote:
> Introduced in 0eeb075fad73, the "ignore_routes_with_linkdown" sysctl
> ignores a route whose interface is down. It is provided as a
> per-interface sysctl. However, while a "all" variant is exposed, it
> was a noop since it was never evaluated. We use the usual "or" logic
> for this kind of sysctls.
>
> Tested with:
>
> ip link add type veth # veth0 + veth1
> ip link add type veth # veth1 + veth2
> ip link set up dev veth0
> ip link set up dev veth1 # link-status paired with veth0
> ip link set up dev veth2
> ip link set up dev veth3 # link-status paired with veth2
>
> # First available path
> ip -4 addr add 203.0.113.${uts#H}/24 dev veth0
> ip -6 addr add 2001:db8:1::${uts#H}/64 dev veth0
>
> # Second available path
> ip -4 addr add 192.0.2.${uts#H}/24 dev veth2
> ip -6 addr add 2001:db8:2::${uts#H}/64 dev veth2
>
> # More specific route through first path
> ip -4 route add 198.51.100.0/25 via 203.0.113.254 # via veth0
> ip -6 route add 2001:db8:3::/56 via 2001:db8:1::ff # via veth0
>
> # Less specific route through second path
> ip -4 route add 198.51.100.0/24 via 192.0.2.254 # via veth2
> ip -6 route add 2001:db8:3::/48 via 2001:db8:2::ff # via veth2
>
> # H1: enable on "all"
> # H2: enable on "veth0"
> for v in ipv4 ipv6; do
> case $uts in
> H1)
> sysctl -qw net.${v}.conf.all.ignore_routes_with_linkdown=1
> ;;
> H2)
> sysctl -qw net.${v}.conf.veth0.ignore_routes_with_linkdown=1
> ;;
> esac
> done
>
> set -xe
> # When veth0 is up, best route is through veth0
> ip -o route get 198.51.100.1 | grep -Fw veth0
> ip -o route get 2001:db8:3::1 | grep -Fw veth0
>
> # When veth0 is down, best route should be through veth2 on H1/H2,
> # but on veth0 on H2
> ip link set down dev veth1 # down veth0
> ip route show
> [ $uts != H3 ] || ip -o route get 198.51.100.1 | grep -Fw veth0
> [ $uts != H3 ] || ip -o route get 2001:db8:3::1 | grep -Fw veth0
> [ $uts = H3 ] || ip -o route get 198.51.100.1 | grep -Fw veth2
> [ $uts = H3 ] || ip -o route get 2001:db8:3::1 | grep -Fw veth2
>
> Without this patch, the two last lines would fail on H1 (the one using
> the "all" sysctl). With the patch, everything succeeds as expected.
>
> Also document the sysctl in `ip-sysctl.rst`.
>
> Fixes: 0eeb075fad73 ("net: ipv4 sysctl option to ignore routes when nexthop link is down")
> Signed-off-by: Vincent Bernat <vincent@bernat.ch>
> ---
> Documentation/networking/ip-sysctl.rst | 3 +++
> include/linux/inetdevice.h | 2 +-
> 2 files changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst
> index 837d51f9e1fa..fb6e4658fd4f 100644
> --- a/Documentation/networking/ip-sysctl.rst
> +++ b/Documentation/networking/ip-sysctl.rst
> @@ -1552,6 +1552,9 @@ igmpv3_unsolicited_report_interval - INTEGER
>
> Default: 1000 (1 seconds)
>
> +ignore_routes_with_linkdown - BOOLEAN
> + Ignore routes whose link is down when performing a FIB lookup.
> +
> promote_secondaries - BOOLEAN
> When a primary IP address is removed from this interface
> promote a corresponding secondary IP address instead of
> diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h
> index 3515ca64e638..3bbcddd22df8 100644
> --- a/include/linux/inetdevice.h
> +++ b/include/linux/inetdevice.h
> @@ -126,7 +126,7 @@ static inline void ipv4_devconf_setall(struct in_device *in_dev)
> IN_DEV_ORCONF((in_dev), ACCEPT_REDIRECTS)))
>
> #define IN_DEV_IGNORE_ROUTES_WITH_LINKDOWN(in_dev) \
> - IN_DEV_CONF_GET((in_dev), IGNORE_ROUTES_WITH_LINKDOWN)
> + IN_DEV_ORCONF((in_dev), IGNORE_ROUTES_WITH_LINKDOWN)
>
> #define IN_DEV_ARPFILTER(in_dev) IN_DEV_ORCONF((in_dev), ARPFILTER)
> #define IN_DEV_ARP_ACCEPT(in_dev) IN_DEV_ORCONF((in_dev), ARP_ACCEPT)
>
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2020-10-20 22:56 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-17 12:50 [PATCH net-next v1] net: evaluate net.conf.ipvX.all.ignore_routes_with_linkdown Vincent Bernat
2020-10-20 0:53 ` Jakub Kicinski
2020-10-20 2:56 ` David Ahern
2020-10-20 3:15 ` Jakub Kicinski
2020-10-20 6:20 ` Vincent Bernat
2020-10-20 22:55 ` Jakub Kicinski
2020-10-20 2:57 ` David Ahern
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).