From: "Nicolas de Pesloüan" <nicolas.2p.debian@gmail.com>
To: Stephen Hemminger <shemminger@vyatta.com>
Cc: Marc Haber <mh+netdev@zugschlus.de>, netdev@vger.kernel.org
Subject: Re: Bridge stays down until a port is added
Date: Tue, 27 Sep 2011 00:12:13 +0200 [thread overview]
Message-ID: <4E80F8BD.4010401@gmail.com> (raw)
In-Reply-To: <20110926130507.1435d76b@nehalam.linuxnetplumber.net>
Le 26/09/2011 22:05, Stephen Hemminger a écrit :
> On Mon, 26 Sep 2011 22:02:21 +0200
> Nicolas de Pesloüan<nicolas.2p.debian@gmail.com> wrote:
[...]
>> Stephen,
>>
>> What do you think about a generic per-interface option that would cause bind() to accept tentative
>> address hold by a particular interface? This of course violate IPv6 principle, but we are talking
>> about interfaces that are unable to do DAD, either permanently or until something happens on the
>> underlying device.
>>
>> echo 1> /sys/class/net/br0/allow_bind_on_tentative_address
>> echo 1> /sys/class/net/dummy0/allow_bind_on_tentative_address
>> echo 1> /sys/class/net/wlan0/allow_bind_on_tentative_address
>> and so on...
>>
>> And we may possibly automatically reset this option to 0 if DAD eventually causes the address to be
>> considered duplicate.
>
> The issue is that if DAD rejects a duplicate, the socket is dead and application is
> out of luck.
Yes, and this is by design. Setting the option would state "I want to allow early bind(), prior to
DAD and I assume the fact that a possible duplicate address will cause the corresponding socket to
be dead and so the using application."
In the particular use case of a bridge to connect to virtual machines, the user can reasonably
assume that he know what it is doing on this private LAN. As such, he would accept the risk to have
applications die if he end up with a duplicate address.
And this might also allow to set an IPv6 address on a dummy interface, which Marc Haber reported as
not being allowed for now, probably because DAD cannot succeed on a dummy interface and as such, a
bind() cannot be allowed, and as such, setting the IPv6 address is currently useless.
Nicolas.
next prev parent reply other threads:[~2011-09-26 22:12 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-08-11 7:06 Bridge stays down until a port is added Marc Haber
2011-08-11 15:17 ` Stephen Hemminger
2011-08-11 20:54 ` Marc Haber
2011-08-11 22:41 ` Stephen Hemminger
2011-08-12 12:22 ` Sven-Haegar Koch
2011-08-20 9:47 ` Marc Haber
2011-08-20 16:30 ` Stephen Hemminger
2011-08-21 12:13 ` Marc Haber
2011-08-22 15:57 ` Stephen Hemminger
2011-09-17 20:42 ` Marc Haber
2011-09-20 20:20 ` Dan Williams
2011-09-25 8:25 ` Marc Haber
2011-09-26 15:47 ` Stephen Hemminger
2011-09-26 20:02 ` Nicolas de Pesloüan
2011-09-26 20:05 ` Stephen Hemminger
2011-09-26 20:56 ` Ben Hutchings
2011-09-26 22:12 ` Nicolas de Pesloüan [this message]
2011-09-26 22:42 ` Stephen Hemminger
2011-09-27 0:28 ` Sven-Haegar Koch
2011-09-27 0:43 ` Stephen Hemminger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E80F8BD.4010401@gmail.com \
--to=nicolas.2p.debian@gmail.com \
--cc=mh+netdev@zugschlus.de \
--cc=netdev@vger.kernel.org \
--cc=shemminger@vyatta.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).