> /* > * If the user is trying to mark an interface with a > * duplicate address as "down," or convert a > duplicate > * test address to a data address, then fetch the > * address and set it. This will cause IP to clear > * the IFF_DUPLICATE flag and stop the automatic > * recovery timer. > */ > (I think the comment could use some clarification- in the first > line, it's trying to mark the *logical* interface as down, not the > physical, right?)
Yes. > In the case described as "convert a duplicate test > address to a data address", the data address is still going to be > duplicate until DAD succeeds, right? Yes but the fact that the ipif is a dup is tracked on its corresponding ill (ill_ipif_dup_count). While we could've handled this case during the IPMP address move/clone logic, the code is more obviously correct if it can assert that DAD is not ongoing. Thus, the kernel will not allow an IFF_NOFAILOVER to be turned off if IFF_DUPLICATE is also lit (see the handling in ip_sioctl_flags()). Thus, IFF_DUPLICATE needs to be cleared first, hence the comment above. > it seems like too much information about the implementation has trickled > into the /sbin application in this case, and we should try to avoid that, > at least. If you can do it without making the kernel more complicated, by all means. One of the major design goals of the IPMP work was to not laden the kernel with lots of edge cases when that complexity could be handled by more knowledgeable userland plumbing code. ifconfig (and once we have things properly factored, libipadm) is special in that it has deep knowledge of how the stack goes together -- and indeed, it is an integral part of the stack, not just some "/sbin application". This can be (and in the case of IPMP, was) leveraged to simplify the kernel code. -- meem _______________________________________________ networking-discuss mailing list [email protected]
