Unable to listen and connect to a port on the same stack #133
Comments
|
Dropping some logic into ipv4 that automatically resolves "our own" IP to the correct MAC reveals another problem, at least for tests: vnetif doesn't send traffic where the source is equal to the destination: https://github.com/MagnusS/mirage-vnetif/blob/master/lib/basic_backend.ml#L86 Generally, I'm not sure whether we can count on a network interface to give us back traffic that we sent in the first place -- perhaps you have a better sense of this? |
|
Yes, that check should probably be more specific. Right now it doesn't inspect the frame, it only relays the payload to every other connected node (except the sender) - so if the dst mac belongs to the sender the frame is lost. I've added an issue here. |
|
FWIW this is something that occurs in OpenFlow too -- by default, frames are not forwarded out of the interface on which they arrived, though you can set an explicit flag that disable this check. (Of note when, eg., using Open vSwitch to manage wireless interfaces, where it is quite common that incoming and outgoing interfaces will be the same.) Making it explicitly controllable might be something worth doing here too? |
|
Hm - so the TCP stack should probably try to figure out that it is talking to itself without relying on netif then? |
|
That was my first thought, but I ran into a wall thinking of how to do anything with that information (although we can certainly discover it on the ip/ether layer), since we have no knowledge of the functions that may have been called from |
|
Possibly naive question -- how is it a problem if the TCP/IP stack connects to its own listening ports? |
|
@mor1 , we can do that easily with the stack-level abstractions (STACKV1) because we have a hashtable of the listeners in the record, but not so in modules like TCP or UDP directly. |
|
I've been thinking about this, and I'm not sure when you'd want to have a stack connect to itself anyway. In UNIX-land you do this because you have processes that want to communicate and it's the most convenient abstraction, but we're not in that model. |
|
Unless anyone objects, I'd like to close this and the related pull request #132 as |
|
Go for it. If someone comes up with one, it can always be reopened. |
|
I'm fine with closing as |
|
Yeah, I agree on closing this. For unit-tests, we can easily create a virtual network with multiple interfaces. @yomimono: if I understand the correctly, the problem with handling this at the IP layer is:
A possible (API-breaking) solution would be to move the handlers to the constructor. e.g. instead of we'd have However, this is less flexible. For example, mirage-firewall passes the ethernet frame up to its IP handling code, which it couldn't do if |
|
Yes, it also means that if the application wants to change anything about the listening logic during execution, it needs to disconnect and reconnect the device. I think that's not undesirable. |
|
My first two unikernels are a monitoring service that tries to monitor itself and hangs, and a registration service that tries to register itself and hangs... both because of this. |
I'm unable to get the TCP/IP stack to connect to its own listening ports. The unikernel seems to try to resolve its own IP in ARP, but not sure if that's the only problem. I've written a test that currently fails in PR #132
The text was updated successfully, but these errors were encountered: