From: David Ahern <dsahern@gmail.com>
To: Vincent Bernat <vincent@bernat.ch>,
"David S. Miller" <davem@davemloft.net>,
Jakub Kicinski <kuba@kernel.org>,
Jonathan Corbet <corbet@lwn.net>,
netdev@vger.kernel.org, Andy Gospodarek <andy@greyhouse.net>
Subject: Re: [PATCH net-next v1] net: evaluate net.conf.ipvX.all.ignore_routes_with_linkdown
Date: Mon, 19 Oct 2020 20:57:31 -0600 [thread overview]
Message-ID: <683d467d-1d3e-dafa-f962-a52752ef6fd4@gmail.com> (raw)
In-Reply-To: <20201017125011.2655391-1-vincent@bernat.ch>
[ fix Andy's address ]
On 10/17/20 6:50 AM, Vincent Bernat wrote:
> Introduced in 0eeb075fad73, the "ignore_routes_with_linkdown" sysctl
> ignores a route whose interface is down. It is provided as a
> per-interface sysctl. However, while a "all" variant is exposed, it
> was a noop since it was never evaluated. We use the usual "or" logic
> for this kind of sysctls.
>
> Tested with:
>
> ip link add type veth # veth0 + veth1
> ip link add type veth # veth1 + veth2
> ip link set up dev veth0
> ip link set up dev veth1 # link-status paired with veth0
> ip link set up dev veth2
> ip link set up dev veth3 # link-status paired with veth2
>
> # First available path
> ip -4 addr add 203.0.113.${uts#H}/24 dev veth0
> ip -6 addr add 2001:db8:1::${uts#H}/64 dev veth0
>
> # Second available path
> ip -4 addr add 192.0.2.${uts#H}/24 dev veth2
> ip -6 addr add 2001:db8:2::${uts#H}/64 dev veth2
>
> # More specific route through first path
> ip -4 route add 198.51.100.0/25 via 203.0.113.254 # via veth0
> ip -6 route add 2001:db8:3::/56 via 2001:db8:1::ff # via veth0
>
> # Less specific route through second path
> ip -4 route add 198.51.100.0/24 via 192.0.2.254 # via veth2
> ip -6 route add 2001:db8:3::/48 via 2001:db8:2::ff # via veth2
>
> # H1: enable on "all"
> # H2: enable on "veth0"
> for v in ipv4 ipv6; do
> case $uts in
> H1)
> sysctl -qw net.${v}.conf.all.ignore_routes_with_linkdown=1
> ;;
> H2)
> sysctl -qw net.${v}.conf.veth0.ignore_routes_with_linkdown=1
> ;;
> esac
> done
>
> set -xe
> # When veth0 is up, best route is through veth0
> ip -o route get 198.51.100.1 | grep -Fw veth0
> ip -o route get 2001:db8:3::1 | grep -Fw veth0
>
> # When veth0 is down, best route should be through veth2 on H1/H2,
> # but on veth0 on H2
> ip link set down dev veth1 # down veth0
> ip route show
> [ $uts != H3 ] || ip -o route get 198.51.100.1 | grep -Fw veth0
> [ $uts != H3 ] || ip -o route get 2001:db8:3::1 | grep -Fw veth0
> [ $uts = H3 ] || ip -o route get 198.51.100.1 | grep -Fw veth2
> [ $uts = H3 ] || ip -o route get 2001:db8:3::1 | grep -Fw veth2
>
> Without this patch, the two last lines would fail on H1 (the one using
> the "all" sysctl). With the patch, everything succeeds as expected.
>
> Also document the sysctl in `ip-sysctl.rst`.
>
> Fixes: 0eeb075fad73 ("net: ipv4 sysctl option to ignore routes when nexthop link is down")
> Signed-off-by: Vincent Bernat <vincent@bernat.ch>
> ---
> Documentation/networking/ip-sysctl.rst | 3 +++
> include/linux/inetdevice.h | 2 +-
> 2 files changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst
> index 837d51f9e1fa..fb6e4658fd4f 100644
> --- a/Documentation/networking/ip-sysctl.rst
> +++ b/Documentation/networking/ip-sysctl.rst
> @@ -1552,6 +1552,9 @@ igmpv3_unsolicited_report_interval - INTEGER
>
> Default: 1000 (1 seconds)
>
> +ignore_routes_with_linkdown - BOOLEAN
> + Ignore routes whose link is down when performing a FIB lookup.
> +
> promote_secondaries - BOOLEAN
> When a primary IP address is removed from this interface
> promote a corresponding secondary IP address instead of
> diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h
> index 3515ca64e638..3bbcddd22df8 100644
> --- a/include/linux/inetdevice.h
> +++ b/include/linux/inetdevice.h
> @@ -126,7 +126,7 @@ static inline void ipv4_devconf_setall(struct in_device *in_dev)
> IN_DEV_ORCONF((in_dev), ACCEPT_REDIRECTS)))
>
> #define IN_DEV_IGNORE_ROUTES_WITH_LINKDOWN(in_dev) \
> - IN_DEV_CONF_GET((in_dev), IGNORE_ROUTES_WITH_LINKDOWN)
> + IN_DEV_ORCONF((in_dev), IGNORE_ROUTES_WITH_LINKDOWN)
>
> #define IN_DEV_ARPFILTER(in_dev) IN_DEV_ORCONF((in_dev), ARPFILTER)
> #define IN_DEV_ARP_ACCEPT(in_dev) IN_DEV_ORCONF((in_dev), ARP_ACCEPT)
>
prev parent reply other threads:[~2020-10-20 2:57 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-17 12:50 [PATCH net-next v1] net: evaluate net.conf.ipvX.all.ignore_routes_with_linkdown Vincent Bernat
2020-10-20 0:53 ` Jakub Kicinski
2020-10-20 2:56 ` David Ahern
2020-10-20 3:15 ` Jakub Kicinski
2020-10-20 6:20 ` Vincent Bernat
2020-10-20 22:55 ` Jakub Kicinski
2020-10-20 2:57 ` David Ahern [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=683d467d-1d3e-dafa-f962-a52752ef6fd4@gmail.com \
--to=dsahern@gmail.com \
--cc=andy@greyhouse.net \
--cc=corbet@lwn.net \
--cc=davem@davemloft.net \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=vincent@bernat.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).