On 19/11/2024 04:08, Sergey Ryazanov wrote:
On 15.11.2024 16:03, Antonio Quartulli wrote:
On 10/11/2024 21:42, Sergey Ryazanov wrote:
Missed the most essential note regarding this patch :)
On 29.10.2024 12:47, Antonio Quartulli wrote:
+static int ovpn_net_open(struct net_device *dev)
+{
+ netif_tx_start_all_queues(dev);
+ return 0;
+}
+
+static int ovpn_net_stop(struct net_device *dev)
+{
+ netif_tx_stop_all_queues(dev);
Here we stop a user generated traffic in downlink. Shall we take care
about other kinds of traffic: keepalive, uplink?
Keepalive is "metadata" and should continue to flow, regardless of
whether the user interface is brought down.
Uplink traffic directed to *this* device should just be dropped at
delivery time.
Incoming traffic directed to other peers will continue to work.
How it's possible? AFAIU, the module uses the kernel IP routing
subsystem. Putting the interface down will effectively block a client-
to-client packet to reenter the interface.
True.
At least part of the traffic is stopped (traffic directed to the VPN IP
of a peer will still flow as it does not require a routing table lookup).
I circled this discussion through the other devs to see what perspective
they would bring and we also agree that if something is stopping, better
stop the entire infra.
Also, if a user is fumbling with the link state, they are probably
trying to bring the VPN down.
I will go that way and basically perform the same cleanup as if the
interface is being deleted.
"the party is over"[cit.] :)
Regards,
--
Antonio Quartulli
OpenVPN Inc.
