[libvirt] [PATCH 9/9] add DHCP snooping support to nwfilter

Daniel Veillard veillard at redhat.com
Wed May 18 03:47:11 UTC 2011


On Mon, May 09, 2011 at 01:12:10PM -0700, David L Stevens wrote:
> This patch removes remaining pieces of IP address learning.
> 
> diff --git a/src/Makefile.am b/src/Makefile.am
> index 3da0797..53cdc00 100644
> --- a/src/Makefile.am
> +++ b/src/Makefile.am
> @@ -389,9 +389,7 @@ NWFILTER_DRIVER_SOURCES =					\
>  		nwfilter/nwfilter_dhcpsnoop.c				\
>  		nwfilter/nwfilter_dhcpsnoop.h				\
>  		nwfilter/nwfilter_ebiptables_driver.c			\
> -		nwfilter/nwfilter_ebiptables_driver.h			\
> -		nwfilter/nwfilter_learnipaddr.c				\
> -		nwfilter/nwfilter_learnipaddr.h
> +		nwfilter/nwfilter_ebiptables_driver.h
>  
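
Review bot: dropping nwfilter/nwfilter_learnipaddr.c and nwfilter/nwfilter_learnipaddr.h from NWFILTER_DRIVER_SOURCES takes the existing IP address learning code out of the build, yet the one-line commit message gives no reason for the removal and does not say what happens to setups that rely on it. Consider keeping both files in the list next to nwfilter/nwfilter_dhcpsnoop.c so the two mechanisms can coexist, and expand the commit message to describe the behavior change.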

  Like Dan I'm worried by removing this functionality. As far as I
know most switches learn IP from their clients using ARP snooping,
this is I think more resilient and minimizes disruption in case of
port switching.
  If libvirtd needs to see some DHCP traffic with the client before
being able to set the filtering tables, I wonder how this is supposed
to work in case of live migration too, I don't think we carry the
information about IP dynamically as part of the guest data, and we
certainly don't expect the guest to reassign IP via DHCP after a
migration, right?

  In general I'm of the opinion that since the functionality has been
pushed in existing releases this needs to be preserved, I'm fine adding
support for DHCP based discovery, and as Dan suggested the right place
to allow the selection is the configuration file (though I would still
like to see a clear explanation of how DHCP based discovery is supposed
to work with migration).

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel at veillard.com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/



