New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add socket-mark-id support for marking sockets. #10349
Conversation
1e512b6
to
1f1bb97
Compare
@devnexen Generally this looks good to me, but I'd like to consider if this should be a FreeBSD-specific feature or something more generic that we implement also on Linux (as a connection mark maybe? not sure, need to look into that). |
that might be a tricky decision indeed, might be a risk to give a false sense of equivalence, so far I have not seen anything even remotely ressemblant on Linux, socket options in this system have very different contexts (but which can be used in redis though but as system specific like controlling thp support in some sense). |
adding the possibility to tag sockets with an ID when netfiltering filters above operates in that level.
1f1bb97
to
b7adc13
Compare
finally taking back what I said, I found some equivalence :) |
@devnexen It sounded this ID is the equivalent of a conn mark but I didn't have the bandwidth to dig deep and validate, thank you! |
Calling @redis/core-team for approval, this is a small change but potentially high value in some environments - see top comments. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm a bit uncomfortable adding an interface that's not supported on Linux.
but i guess it won't harm anyone, and for some it could be useful.
so @yossigo if you're ok with it, i'm too.
src/anet.c
Outdated
if (id > 0) | ||
anetSetError(err,"anetSockid unsupported on this platform"); | ||
return ANET_OK; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
are we sure we wanna return OK here?
alternatively, maybe we should add an isValid
callback to the config, and fail the configuration when this is not supported?
In fact Linux is supported (finally). Originally not planned but found a way. |
ohh, i missed it. |
src/config.h
Outdated
@@ -80,6 +80,8 @@ | |||
/* MSG_NOSIGNAL. */ | |||
#ifdef __linux__ | |||
#define HAVE_MSG_NOSIGNAL 1 | |||
#define HAVE_SOCKOPTID 1 | |||
#define SOCKOPTID SO_MARK |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
SO_MARK (since Linux 2.6.25)
Check with #ifdef SO_MARK
?
b7adc13
to
1c92baa
Compare
1c92baa
to
ba1d2e7
Compare
ba1d2e7
to
7487ced
Compare
7487ced
to
4d96b47
Compare
* A bit more generalized, OS-agnostic terms. * Avoid any setsockopt() call by default.
@devnexen I've slightly modified the PR to be more generalized, and avoid calling |
Yes I ve seen it, it s fine by me. |
Add a configuration option to attach an operating system-specific identifier to Redis sockets, supporting advanced network configurations using iptables (Linux) or ipfw (FreeBSD).
Add a configuration option to attach an operating system-specific identifier to Redis sockets, supporting advanced network configurations using iptables (Linux) or ipfw (FreeBSD).