The package level var native (holding the native endianness) is
initialized at package load time. Thus there is no need to re-initalize
it in functions using it, e.g. (*Handle).filterModify, parseU32Data,
parseFwData, parseBpfData and parseMatchAllData.
This fixes a data race between these functions and any read access of
var native, e.g. in LinkDeserialize as reported in issue #633.
Also don't re-declare local variables shadowing the global package-level
var.
Fixes#633
Signed-off-by: Tobias Klauser <tobias@cilium.io>
When subscribing to neigh updates, the updates for all neigh
protocol families are received. However when listExisting is set,
the request is made with AF_UNSPEC family, this request does not
include AF_BRIDGE entries.
This patch add a second request for AF_BRIDGE entries.
Add test for existing AF_BRIDGE entry and make expectNeighUpdate
take a slice of expected updates
Creates a VXLAN interface for this test as its AF_BRIDGE entries
looks a lot like usual ones
Also add support for latest (2014+) neighbour attributes
NDA_MASTER was added back in 2014, it indicates whether a neigh
entry is linked to a master interface and index of this interface.
The other entries, namely NDA_LINK_NETNSID and NDA_SRC_VNI were
added later and will need extra handling.
Signed-off-by: Nicolas Belouin <nicolas.belouin@gandi.net>
iproute2's own netlink library asserts that the sockaddr sender pid
has to be the one of the kernel [0]. It also doesn't bail out on pid
mismatch but only skips the message instead. We've seen cases where
the latter had a pid 0; in such case we should skip to the next nl
message instead of hard bail out.
[0] https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/tree/lib/libnetlink.c
rtnl_dump_filter_l(), __rtnl_talk_iov()
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
The kernel sends a RTM_DELNEIGH for every neighbours on link
deletion by the time the message is deserialized, the interface
no longer exists so we cannot call LinkByIndex on it.
This call to LinkByIndex is only used to get the encapType to be
able to set either IP or HardwareAddr correctly. The attrLen
attribute can be used here as only ipv4 are used with a size of 4,
and only ipv6 and FireWire HWaddr have a size of 16.
As such this change decrease the number of calls to LinkByIndex,
so it is called only when needed to choose between ipv6 or
FireWire Hwaddr, it also fallback to HWaddr in case of error with
LinkByIndex.
Fix: 921f7441f1Fix#409
Signed-off-by: Nicolas Belouin <nicolas.belouin@gandi.net>
The ip neighbour supports adding of peers statically using commands
where the lladdr is an IP address.
ip neighbor add 10.0.0.2 lladdr 203.0.113.6 dev tun8
This is used in the case of point-to-multipoint GRE to setup the
remote end point of the tunnel
Note that link-layer address and neighbor address are both IP addresses
Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
- Don't require a MAC address for a neighbor proxy
- Include proxies in the list of neighbors
Signed-off-by: Zvi "CtrlZvi" Effron <viz+GitHub@flippedperspective.com>
- Package methods only need an empty handle.
Not a regular Handle with a couple of
sockets creation/delete.
Signed-off-by: Alessandro Boch <aboch@docker.com>
- Ties to a netlink socket. All client requests
will re-use same socket. Socket released at
handle deletion.
- Also network namespace can be specified during
handle creation. Socket will be opened on the
specified network namespace.
Signed-off-by: Alessandro Boch <aboch@docker.com>
This turns out to be especially important as there
appears to be a bug in the kernel with bonding.
The bug causes an infinite amount of fdb entries
to be returned (it just cycle through the interfaces)
if no interface filter is set.
Having object composition causes both client and library to
do potentially unecessary work to retrieve Link attributes
when only index is often sufficient.