Bug 66691

Summary: iproute2: macvlan: Wrong root device shown if in different netns
Product: Networking Reporter: Helmut Schaa (helmut.schaa)
Component: IPV4Assignee: Stephen Hemminger (stephen)
Status: NEW ---    
Severity: normal CC: alan
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: 3.10 Subsystem:
Regression: No Bisected commit-id:

Description Helmut Schaa 2013-12-06 08:07:07 UTC 
In the root net namespace if have the following devices:

> ip link
[...]
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
3: gre0: <NOARP> mtu 1476 qdisc noop state DOWN mode DEFAULT group default 
    link/gre 0.0.0.0 brd 0.0.0.0
[...]

Let's add a macvlan on top of eth0:

> ip link
[...]
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
3: gre0: <NOARP> mtu 1476 qdisc noop state DOWN mode DEFAULT group default 
    link/gre 0.0.0.0 brd 0.0.0.0
[...]
17: mac0@eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default 
    link/ether 46:aa:b4:fb:44:a6 brd ff:ff:ff:ff:ff:ff

And now lets move it into its own net namespace and list the devices in the new namespace.

> ip link set mac0 netns myns
> ip netns exec myns ip link
[...]
2: gre0: <NOARP> mtu 1476 qdisc noop state DOWN mode DEFAULT group default 
    link/gre 0.0.0.0 brd 0.0.0.0
[...]
17: mac0@gre0: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default 
    link/ether 46:aa:b4:fb:44:a6 brd ff:ff:ff:ff:ff:ff

mac0 shows gre0 as its base device which is not correct. However gre0 has the same ifindex in the new namespace as eth0 in the root namespace and the ifindex is used for finding the base device.

commit aa79e66eee5d525e2fcbd2a5fcb87ae3dd4aa9e9 "net: Make ifindex generation per-net namespace" changed the ifindex generation to only be unique within a namespace.
Comment 1 Alan 2013-12-09 13:38:18 UTC 
If you've not already done so then please report to netdev@vger.kernel.org
Comment 2 Stephen Hemminger 2014-05-13 15:32:29 UTC 
The ip link is reporting what kernel state is.

The iflink in kernel is no longer valid when device changes namespace.