summaryrefslogtreecommitdiff
path: root/Documentation/networking
diff options
context:
space:
mode:
authorVeaceslav Falico <vfalico@redhat.com>2013-06-24 11:49:32 +0200
committerDavid S. Miller <davem@davemloft.net>2013-06-25 16:58:38 -0700
commitaeea64ac717a920ea655b061e37b14fbc872f7db (patch)
treec50b0aa89f3a8d545c114d650b8dfccc0e05542f /Documentation/networking
parent2c14610210978512271dd6fe21d6f55b789d9a80 (diff)
downloadlinux-next-aeea64ac717a920ea655b061e37b14fbc872f7db.tar.gz
bonding: don't trust arp requests unless active slave really works
Currently, if we receive any arp packet on a backup slave in active-backup mode and arp_validate enabled, we suppose that it's an arp request, swap source/target ip and try to validate it. This optimization gives us virtually no downtime in the most common situation (active and backup slaves are in the same broadcast domain and the active slave failed). However, if we can't reach the arp_ip_target(s), we end up in an endless loop of reselecting slaves, because we receive our arp requests, sent by the active slave, and think that backup slaves are up, thus selecting them as active and, again, sending arp requests, which fool our backup slaves. Fix this by not validating the swapped arp packets if the current active slave didn't receive any arp reply after it was selected as active. This way we will only accept arp requests if we know that the current active slave can actually reach arp_ip_target. v3->v4: Obey 80 lines and make checkpatch.pl happy, per Sergei's suggestion. v1->v3: No change. Signed-off-by: Veaceslav Falico <vfalico@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'Documentation/networking')
0 files changed, 0 insertions, 0 deletions