I can see there are 3 projects for supporting dynamic routing like
ospf in linux namely,
Quagga
FRRouting
BIRD.
However, as a long term perspective, I am eager to know which out of
these is officially supported by netdev community.
I want to create custom ipsets like hash: iface,iface ,etc.
Can anybody guide which is the best place to start development for the
same? Any documents, etc.
Also, can we store some IP in skbinfo?
Thanks and Regards,
Akshat
>> to get very similar functionality, then put into a cron job or a
>> while loop or similar. Something along the lines of (pseudocode):
>>if [the test such as ping fails] ; then
>> if [preferred route exists] ; then ip route delete ... ; fi
>>else
Is there a reason why iface is allowed to be paired only with net to
create an ipset?
I think with feature of skbinfo in every ipset, it should be allowed
to add iface in all ipset. As skbinfo can store tc classes, it might
make more sense if I can pin point on which outgoing interface this
class
Thanks.
Thanks a lot for clarifying all this.
On Tue, May 29, 2018 at 3:59 PM, Michal Kubecek wrote:
> On Tue, May 29, 2018 at 03:39:05PM +0530, Akshat Kakkar wrote:
>> For following commands,
>> ip addr add 10.10.10.1/24 brd + dev br0
>> ip addr add 10.10.10.2/24 b
of route that will decide?
And what about communication in local subnet, say ping to 10.10.10.200
and 20.20.20.200? Will source for both will change according to
destination IP?
On Mon, May 28, 2018 at 11:50 PM, Akshat Kakkar wrote:
> Thanks for clarifying that first ip will be used as primary
28, 2018 at 5:35 PM, Michal Kubecek wrote:
> On Mon, May 28, 2018 at 02:35:41PM +0530, Akshat Kakkar wrote:
>> I am having a bridge named br0 having ports eno1 and eno2 as members.
>> I have given IP to br0 as 10.10.10.1/24
>>
>> Now I want to create alias
I am having a bridge named br0 having ports eno1 and eno2 as members.
I have given IP to br0 as 10.10.10.1/24
Now I want to create alias on br0 as br0:1 and give IP as
10.10.10.2/24, but I am unable to.
I know, we can add multiple IPs to br0 using "ip addr" command, but I
dont want to do it that
Has anybody got any clue in this?
can somebody throw more light on this? How it is possible (without a
bug) that for exactly same set of IPs, at time IPSET HASHSIZE remains
at 1024 and at times it increases to 2048?
As a workaround I am running the show setting HASHSIZE as 16384 at
times of IPSET creation itself, and till now
Any more information needed?
Another observation :
At times rehashing happens (v6.32) and hashsize increases to 2048 from
1024. But this is at times and not always. Needless to mention, it is
for exactly same IPs added to the ipset in exactly same order.
What I observed is rehashing of set is not happening.
When I add multiple IPs to the ipset manually on ipset v6.32,
rehashing is not happening and my hashsize remains same as 1024
but when I add to ipset 4.5 (pretty old, I know!), rehashing is
happening and my hashsize changes from 1024 to 1536
I understand that without reproducible scenarios, its hard to debug ...
But the point is, this issue is fully random and of very low frequency.
For the setup, it is CentOS 7.3 upgraded to kernel 4.4.
Whenever a system comes up on the network, he provides his credentials
and after successful
output of ipset -L -t
Name: STORE
Type: hash:ip
Revision: 4
Header: family inet hashsize 1024 maxelem 65536
Size in memory: 50480
References: 1
I am having ipset 6.32
The hash type is hash:ip
I am adding/deleting IP addresses to it dynamically using scripts.
However, it has been observed that at times few IPs (3-4 out of 4000)
are not found in the set though it was added. Also, logs show there
was not request for deletion of that IP
Anybody?
On Tue, Aug 29, 2017 at 4:11 PM, Akshat Kakkar <akshat.1...@gmail.com> wrote:
> I am using ulogd2 to log iptables activity.
> However, when using pgsql as output plugin ... performance is very
> very sluggish. (~130-150 entries per second)
>
> To enhance pe
Anybody ?
On Tue, Aug 29, 2017 at 3:53 PM, Akshat Kakkar <akshat.1...@gmail.com> wrote:
> With ulog/nflog, NFCT plugin, is it possible to not log entries with src ip
> as 127.0.0.1
>
> I can see following options in ulogd.conf
> #accept_src_filter=192.168.1.0/24,1:2::/64 # so
I am using ulogd2 to log iptables activity.
However, when using pgsql as output plugin ... performance is very
very sluggish. (~130-150 entries per second)
To enhance performance I am trying
modprobe ipt_ULOG nlbufsiz=65535 flushtimeout=1000
but this gives error : ipt_ULOG module not found.
With ulog/nflog, NFCT plugin, is it possible to not log entries with src ip
as 127.0.0.1
I can see following options in ulogd.conf
#accept_src_filter=192.168.1.0/24,1:2::/64 # source ip of connection
must belong to these networks
#accept_dst_filter=192.168.1.0/24 # destination ip of connection
On Tue, Aug 22, 2017 at 5:58 PM, Neal Cardwell <ncardw...@google.com> wrote:
> On Tue, Aug 22, 2017 at 1:42 AM, Akshat Kakkar <akshat.1...@gmail.com> wrote:
>> There are multiple hosts/clients. All are mainly windows based.
>>
>> Timestamp is not used as my
On Tue, Aug 22, 2017 at 11:12 AM, Akshat Kakkar <akshat.1...@gmail.com> wrote:
> There are multiple hosts/clients. All are mainly windows based.
>
> Timestamp is not used as my clients mainly are windows based and in
> that it tcp timestamp is by defauly disabled.
>
&
There are multiple hosts/clients. All are mainly windows based.
Timestamp is not used as my clients mainly are windows based and in
that it tcp timestamp is by defauly disabled.
sysctl is as follows:
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
kernel.pid_max=4194303
On Monday, August 21, 2017, Eric Dumazet <eric.duma...@gmail.com> wrote:
>
> On Mon, 2017-08-21 at 15:26 +0530, Akshat Kakkar wrote:
> > On Mon, Aug 21, 2017 at 3:13 PM, David Laight <david.lai...@aculab.com>
> > wrote:
> > > From: Akshat Kakkar
> >
On Mon, Aug 21, 2017 at 3:13 PM, David Laight <david.lai...@aculab.com> wrote:
> From: Akshat Kakkar
>> Sent: 18 August 2017 10:14
>> On Thu, Aug 17, 2017 at 5:06 PM, Eric Dumazet <eric.duma...@gmail.com> wrote:
>> > On Thu, 2017-08-17 at 14:35 +0530, Akshat
On Fri, Aug 18, 2017 at 5:36 PM, Eric Dumazet <eric.duma...@gmail.com> wrote:
> On Fri, 2017-08-18 at 14:44 +0530, Akshat Kakkar wrote:
>> On Thu, Aug 17, 2017 at 5:06 PM, Eric Dumazet <eric.duma...@gmail.com> wrote:
>> > On Thu, 2017-08-17 at 14:35 +0530, Aks
On Thu, Aug 17, 2017 at 5:06 PM, Eric Dumazet <eric.duma...@gmail.com> wrote:
> On Thu, 2017-08-17 at 14:35 +0530, Akshat Kakkar wrote:
>
>> I upgraded to 4.4 but still experiencing same issue.
>> Please help.
>
> Still too old kernel, shoot again ;)
>
>
So
On Wed, Aug 16, 2017 at 4:04 PM, Eric Dumazet <eric.duma...@gmail.com> wrote:
> On Wed, 2017-08-16 at 10:18 +0530, Akshat Kakkar wrote:
>> On Mon, Aug 14, 2017 at 2:37 PM, Akshat Kakkar <akshat.1...@gmail.com> wrote:
>> > I have centos 7.3 (Kernel 3.10) runn
On Mon, Aug 14, 2017 at 2:37 PM, Akshat Kakkar <akshat.1...@gmail.com> wrote:
> I have centos 7.3 (Kernel 3.10) running on a server with 128GB RAM and
> 2 x 10 Core Xeon Processor.
> I have hosted a webserver on it and enabled ssh for remote maintenance.
> Previously it was run
I have centos 7.3 (Kernel 3.10) running on a server with 128GB RAM and
2 x 10 Core Xeon Processor.
I have hosted a webserver on it and enabled ssh for remote maintenance.
Previously it was running on Centos 6.3.
After upgrading to CentOS 7.3, occasionally (probably when number of
hits are more on
Recently I came to know that,
Without any options fw classifier maps fwmark to classid.
tc filter add dev parent protocol ip prio 1 fw
i.e. if my packet has mark(0x10001) and class id is not set,
then above tc filter, will set class id = 0x10001 i.e. 1:1
But when I am trying it out, its not
There is no handle with fw filter. That's the whole point is. If
handle and class (flow id) is not specified, then whatever be the mark
on the packet, its automatically set as flowid. So if mark is 0x10003,
then this fw filter
tc filter add dev eth0 parent 1:0 protocol ip fw
will cause 0x10003
Wang cw...@twopensource.com wrote:
On Mon, Aug 24, 2015 at 10:14 PM, Akshat Kakkar akshat.1...@gmail.com wrote:
Dear Florian,
There are two filters 15:2:2 and 15:2:3 and I have deleted only
15:2:3, so 15:2:2 will still be there and hence this condition
destroy proto tp when all filters are gone
Dear All,
A behavioural bug has been found in iproute2. How and where should I report it?
--
To unsubscribe from this list: send the line unsubscribe netdev in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
When I am trying to delete a single tc filter (i.e. specifying its
handle), it is deleting all the
filters with the same priority/preference. i.e. it is ignoring the
handle specified.
But, When I am doing similar activity in hashtable 800: it is deleting only the
specified filter, i.e. it is
:
Akshat Kakkar akshat.1...@gmail.com wrote:
[ CC Cong ]
When I am trying to delete a single tc filter (i.e. specifying its
handle), it is deleting all the
filters with the same priority/preference. i.e. it is ignoring the
handle specified.
But, When I am doing similar activity in hashtable 800
I actually posted this on lartc first. But then it was suggested to
post it over here as you guys might be able to guide better.
Please help ...
On Fri, Aug 21, 2015 at 10:38 AM, Akshat Kakkar akshat.1...@gmail.com wrote:
When I am trying to delete a single tc filter, it deleting all
When I am trying to delete a single tc filter, it deleting all the
filters with the same priority/preference. i.e. it is ignoring the
handle specified.
But, When I am deleting in hashtable 800: it is deleting only the
specified filter.
For example, following set of commands create a hashtable
38 matches
Mail list logo
