On 2018-10-11 2:44 p.m., David Ahern wrote:
On 10/11/18 12:05 PM, Jamal Hadi Salim wrote:
On 2018-10-11 1:04 p.m., David Ahern wrote:
I meant the general API of users passing filter arguments as attributes
to the dump (or values in the header) -- KIND, MASTER, device index,
etc. This is an
From: Sowmini Varadhan
Date: Thu, 11 Oct 2018 15:32:48 -0400
> Without getting into Ahern's patchset, which he obviously feels
> quite passionately about..
>
> On (10/11/18 12:28), David Miller wrote:
>>
>> Once you've composed the message, the whole point of filtering is lost.
>
> it would
Without getting into Ahern's patchset, which he obviously feels
quite passionately about..
On (10/11/18 12:28), David Miller wrote:
>
> Once you've composed the message, the whole point of filtering is lost.
it would be nice to apply the filter *before* constructing the skb,
but afaict most
From: David Ahern
Date: Thu, 11 Oct 2018 12:44:49 -0600
> I disagree with your overall premise of bpf the end-all hammer. It is a
> tool but not the only tool. For starters, you are proposing building the
> message, run the filter on it, and potentially back the message up to
> drop the recently
On 10/11/18 12:05 PM, Jamal Hadi Salim wrote:
> On 2018-10-11 1:04 p.m., David Ahern wrote:
>
>> You can already filter link dumps by kind. How? By passing in the KIND
>> attribute on a dump request. This type of filtering exists for link
>> dumps, neighbor dumps, fdb dumps. Why is there a push
On 2018-10-11 1:04 p.m., David Ahern wrote:
You can already filter link dumps by kind. How? By passing in the KIND
attribute on a dump request. This type of filtering exists for link
dumps, neighbor dumps, fdb dumps. Why is there a push to make route
dumps different? Why can't they be
On 10/11/18 10:46 AM, Jamal Hadi Salim wrote:
> On 2018-10-11 12:16 p.m., David Ahern wrote:
>
> Yes, you can do it with cBPF but some complexity may occur. Example:
> if i was interested to netdevice events of "kind = vxlan &&
> admin flag is down" then that is non trivial to do with classical
On 2018-10-11 12:16 p.m., David Ahern wrote:
IMO, bpf at the fill_info stage is not appropriate.
Somewhere before the skb is formed (and nlmsg is built).
If you go as far as constructing it, then cBPF per what
Sowmini should work; but there will be constructs which
are trickier.
On (10/11/18 09:33), Roopa Prabhu wrote:
> 3. All networking subsystems already have this type of netlink
> attribute filtering that apps rely on. This series
> just makes it consistent for route dumps. Apps use such mechanism
> already when requesting dumps.
> Like everywhere else, BPF hook can
On Thu, Oct 11, 2018 at 9:16 AM David Ahern wrote:
>
> On 10/11/18 10:07 AM, Jamal Hadi Salim wrote:
> > On 2018-10-11 11:46 a.m., Sowmini Varadhan wrote:
> >> On (10/11/18 08:26), Stephen Hemminger wrote:
> >>> You can do the something like this already with BPF socket filters.
> >>> But writing
On 10/11/18 10:07 AM, Jamal Hadi Salim wrote:
> On 2018-10-11 11:46 a.m., Sowmini Varadhan wrote:
>> On (10/11/18 08:26), Stephen Hemminger wrote:
>>> You can do the something like this already with BPF socket filters.
>>> But writing BPF for multi-part messages is hard.
>>
>> Indeed. And I was
On 10/11/18 10:10 AM, Sowmini Varadhan wrote:
> On (10/11/18 09:32), David Ahern wrote:
>>
>> Route dumps are done for the entire FIB for each address family. As we
>> approach internet routing tables (700k+ routes for IPv4, currently
>> around 55k for IPv6) with many VRFs dumping the entire table
On (10/11/18 09:32), David Ahern wrote:
>
> Route dumps are done for the entire FIB for each address family. As we
> approach internet routing tables (700k+ routes for IPv4, currently
> around 55k for IPv6) with many VRFs dumping the entire table is grossly
> inefficient when for example only a
On 2018-10-11 11:46 a.m., Sowmini Varadhan wrote:
On (10/11/18 08:26), Stephen Hemminger wrote:
You can do the something like this already with BPF socket filters.
But writing BPF for multi-part messages is hard.
Indeed. And I was just experimenting with this for ARP just last week.
So to
On (10/11/18 08:26), Stephen Hemminger wrote:
> You can do the something like this already with BPF socket filters.
> But writing BPF for multi-part messages is hard.
Indeed. And I was just experimenting with this for ARP just last week.
So to handle the caes of "ip neigh show a.b.c.d" without
On 10/11/18 9:26 AM, Stephen Hemminger wrote:
>>
>
> You can do the something like this already with BPF socket filters.
> But writing BPF for multi-part messages is hard.
>
> Maybe a generic eBPF filter mechanism would be more flexible?
>
That exists today and does not cover what is needed
On Thu, 11 Oct 2018 08:06:18 -0700
David Ahern wrote:
> From: David Ahern
>
> Implement kernel side filtering of route dumps by protocol (e.g., which
> routing daemon installed the route), route type (e.g., unicast), table
> id and nexthop device.
>
> iproute2 has been doing this filtering in
17 matches
Mail list logo
