On Sat, Jun 15, 2019 at 4:06 PM Matteo Croce <mcr...@redhat.com> wrote:
>
> On Fri, Jun 14, 2019 at 4:36 PM David Ahern <dsah...@gmail.com> wrote:
> >
> > On 6/11/19 10:10 AM, Matteo Croce wrote:
> > > Refactor the netns and ipvrf code so less steps are needed to exec
> > > commands
> > > in a netns or a VRF context.
> > > Also remove some code which became dead. bloat-o-meter output:
> > >
> >
> > This breaks the vrf reset after namespace switch
> >
> >
> > # ip vrf ls
> > Name Table
> > -----------------------
> > red 1001
> >
> > Set shell into vrf red context:
> > # ip vrf exec red bash
> >
> > Add new namespace and do netns exec:
> > # ip netns add foo
> > # ./ip netns exec foo bash
> >
> > Check the vrf id:
> > # ip vrf id
> > red
> >
> > With the current command:
> > # ip netns exec foo bash
> > # ip vrf id
> > <nothing - no vrf bind>
>
> Hi David,
>
> if the vrf needs to be reset after a netns change, why don't we do in
> netns_switch()?
> This way all code paths will be covered.
>
> Cheers,
> --
> Matteo Croce
> per aspera ad upstream
Hi David,
I looked for every occourrence of netns_switch():
bridge/bridge.c: if (netns_switch(argv[1]))
include/namespace.h:int netns_switch(char *netns);
ip/ip.c: if (netns_switch(argv[1]))
ip/ipnetns.c: if (netns_switch(argv[0]))
lib/namespace.c:int netns_switch(char *name)
lib/utils.c: if (netns_switch(nsname))
misc/ss.c: if (netns_switch(optarg))
tc/tc.c: if (netns_switch(argv[1]))
the ones in {ss,tc,bridge,ip}.c are obviously handling the '-n netns'
command line option.
my question here is: should the VRF association be reset in all these cases?
If we need to reset, we should really call vrf_reset() from netns_switch().
If don't, I can add the missing vrf_reset() in ipnetns.c but I'm
curious to know what can happen to change netns and keep VRF
associations belonging to another netns.
Regards,
--
Matteo Croce
per aspera ad upstream
