Linux kernel documentation tree maintained by Jonathan Corbet http://mirrors.hust.edu.cn/git/lwn.git/atom?h=v2.6.35 2010-05-08T08:57:52+00:00 2010-05-08T08:57:52+00:00 Neil Horman nhorman@tuxdriver.com 2010-05-08T08:57:52+00:00 urn:sha1:3ee943728fff536edaf8f59faa58aaa1aa7366e3 A while back there was a discussion regarding the rt_secret_interval timer. Given that we've had the ability to do emergency route cache rebuilds for awhile now, based on a statistical analysis of the various hash chain lengths in the cache, the use of the flush timer is somewhat redundant. This patch removes the rt_secret_interval sysctl, allowing us to rely solely on the statistical analysis mechanism to determine the need for route cache flushes. Signed-off-by: Neil Horman <nhorman@tuxdriver.com> Acked-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> 2010-04-13T21:49:34+00:00 Patrick McHardy kaber@trash.net 2010-04-13T05:03:23+00:00 urn:sha1:f0ad0860d01e47a3ffd220564c5c653b3afbe962 This patch adds support for multiple independant multicast routing instances, named "tables". Userspace multicast routing daemons can bind to a specific table instance by issuing a setsockopt call using a new option MRT_TABLE. The table number is stored in the raw socket data and affects all following ipmr setsockopt(), getsockopt() and ioctl() calls. By default, a single table (RT_TABLE_DEFAULT) is created with a default routing rule pointing to it. Newly created pimreg devices have the table number appended ("pimregX"), with the exception of devices created in the default table, which are named just "pimreg" for compatibility reasons. Packets are directed to a specific table instance using routing rules, similar to how regular routing rules work. Currently iif, oif and mark are supported as keys, source and destination addresses could be supported additionally. Example usage: - bind pimd/xorp/... to a specific table: uint32_t table = 123; setsockopt(fd, IPPROTO_IP, MRT_TABLE, &table, sizeof(table)); - create routing rules directing packets to the new table: # ip mrule add iif eth0 lookup 123 # ip mrule add oif eth0 lookup 123 Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 2010-04-13T21:49:34+00:00 Patrick McHardy kaber@trash.net 2010-04-13T05:03:22+00:00 urn:sha1:0c12295a741d3186987f96f518cfbdaf01abb087 Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 2010-04-13T21:49:33+00:00 Patrick McHardy kaber@trash.net 2010-04-13T05:03:21+00:00 urn:sha1:862465f2e7e90975e7bf0ecfbb171dd3adedd950 Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 2010-04-13T21:49:32+00:00 Patrick McHardy kaber@trash.net 2010-04-13T05:03:19+00:00 urn:sha1:e258beb22f4d3ea3dc88586ffc9c990d0eb03380 The unres_queue is currently shared between all namespaces. Following patches will additionally allow to create multiple multicast routing tables in each namespace. Having a single shared queue for all these users seems to excessive, move the queue and the cleanup timer to the per-namespace data to unshare it. As a side-effect, this fixes a bug in the seq file iteration functions: the first entry returned is always from the current namespace, entries returned after that may belong to any namespace. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 2010-02-10T13:17:10+00:00 Patrick McHardy kaber@trash.net 2010-02-10T13:17:10+00:00 urn:sha1:9ab99d5a43e9f283738fd9fd365539306d13eaac Signed-off-by: Patrick McHardy <kaber@trash.net> 2010-02-08T19:18:07+00:00 Patrick McHardy kaber@trash.net 2010-02-08T19:18:07+00:00 urn:sha1:d696c7bdaa55e2208e56c6f98e6bc1599f34286d As noticed by Jon Masters <jonathan@jonmasters.org>, the conntrack hash size is global and not per namespace, but modifiable at runtime through /sys/module/nf_conntrack/hashsize. Changing the hash size will only resize the hash in the current namespace however, so other namespaces will use an invalid hash size. This can cause crashes when enlarging the hashsize, or false negative lookups when shrinking it. Move the hash size into the per-namespace data and only use the global hash size to initialize the per-namespace value when instanciating a new namespace. Additionally restrict hash resizing to init_net for now as other namespaces are not handled currently. Cc: stable@kernel.org Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 2010-01-18T07:08:37+00:00 Alexey Dobriyan adobriyan@gmail.com 2010-01-18T07:08:37+00:00 urn:sha1:e9d3897cc2205eec8b7afcc022e4730914b4f48c 'security' tables depend on SECURITY, so ifdef them. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net> 2009-01-22T21:57:40+00:00 Benjamin Thery benjamin.thery@bull.net 2009-01-22T04:56:21+00:00 urn:sha1:6c5143dbcfe50ac722965dc7d096abbeeec8bb33 Preliminary work to make IPv4 multicast routing netns-aware. Declare variable 'reg_vif_num' per-namespace, move into struct netns_ipv4. At the moment, this variable is only referenced in init_net. Signed-off-by: Benjamin Thery <benjamin.thery@bull.net> Signed-off-by: David S. Miller <davem@davemloft.net> 2009-01-22T21:57:40+00:00 Benjamin Thery benjamin.thery@bull.net 2009-01-22T04:56:20+00:00 urn:sha1:6f9374a9342e896c68df7cf7c0b039ab5cca994c Preliminary work to make IPv4 multicast routing netns-aware. Declare IPv multicast routing variables 'mroute_do_assert' and 'mroute_do_pim' per-namespace in struct netns_ipv4. At the moment, these variables are only referenced in init_net. Signed-off-by: Benjamin Thery <benjamin.thery@bull.net> Signed-off-by: David S. Miller <davem@davemloft.net>