netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Vivien Didelot <vivien.didelot@gmail.com>
To: Florian Fainelli <f.fainelli@gmail.com>
Cc: netdev@vger.kernel.org, idosch@mellanox.com,
	Jiri Pirko <jiri@resnulli.us>,
	linux@armlinux.org.uk, andrew@lunn.ch, davem@davemloft.net
Subject: Re: [RFC net-next] net: dsa: add support for MC_DISABLED attribute
Date: Fri, 21 Jun 2019 17:29:52 -0400	[thread overview]
Message-ID: <20190621172952.GB9284@t480s.localdomain> (raw)
In-Reply-To: <5d653a4d-3270-8e53-a5e0-88ea5e7a4d3f@gmail.com>

On Thu, 20 Jun 2019 19:24:47 -0700, Florian Fainelli <f.fainelli@gmail.com> wrote:
> > This patch adds support for enabling or disabling the flooding of
> > unknown multicast traffic on the CPU ports, depending on the value
> > of the switchdev SWITCHDEV_ATTR_ID_BRIDGE_MC_DISABLED attribute.
> > 
> > This allows the user to prevent the CPU to be flooded with a lot of
> > undesirable traffic that the network stack needs to filter in software.
> > 
> > The bridge has multicast snooping enabled by default, hence CPU ports
> > aren't bottlenecked with arbitrary network applications anymore.
> > But this can be an issue in some scenarios such as pinging the bridge's
> > IPv6 address. Setting /sys/class/net/br0/bridge/multicast_snooping to
> > 0 would restore unknown multicast flooding and thus fix ICMPv6. As
> > an alternative, enabling multicast_querier would program the bridge
> > address into the switch.
> From what I can read from mlxsw, we should probably also implement the
> SWITCHDEV_ATTR_ID_PORT_MROUTER attribute in order to be consistent.
> 
> Since the attribute MC_DISABLED is on the bridge master, we should also
> iterate over the list of switch ports being a member of that bridge and
> change their flooding attribute, taking into account whether
> BR_MCAST_FLOOD is set on that particular port or not. Just paraphrasing
> what mlxsw does here again...

Ouch, doesn't sound like what a driver should be doing :-(

Ido, I cannot find documentation for multicast_snooping or MC_DISABLED
and the naming isn't clear. Can this be considered as an equivalent
of mcast_flood but targeting the bridge device itself, describing
whether the bridge is interested or not in unknown multicast traffic?

> Once you act on the user-facing ports, you might be able to leave the
> CPU port flooding unconditionally, since it would only "flood" the CPU
> port either because an user-facing port has BR_MCAST_FLOOD set, or
> because this is known MC traffic that got programmed via the bridge's
> MDB. Would that work?

You may want the machine or network connected behind a bridge port
to be flooded with unknown multicast traffic, without having the
CPU conduit clogged up with this traffic. So these are two distinct
settings for me.

The only scenario I can think of needing the CPU to be flooded is if
there's a non-DSA port in the bridge maybe. But IMHO this should be
handled by the bridge, offloading or not the appropriate attribute.

> On a higher level, I really wish we did not have to re-implement a lot
> of identical or similar logic in each switch drivers and had a more
> central model of what is behaviorally expected.

I couldn't agree more, ethernet switch drivers should only offload
the notified bridge configuration, not noodling their own logic...


Russell, Ido, Florian, so far I understand that a multicast-unaware
bridge must flood unknown traffic everywhere (CPU included);
and a multicast-aware bridge must only flood its ports if their
mcast_flood is on, and known traffic targeting the bridge must be
offloaded accordingly. Do you guys agree with this?


Thanks,
Vivien

  reply	other threads:[~2019-06-21 21:29 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-06-20 23:56 [RFC net-next] net: dsa: add support for MC_DISABLED attribute Vivien Didelot
2019-06-21  2:24 ` Florian Fainelli
2019-06-21 21:29   ` Vivien Didelot [this message]
2019-06-21 22:09     ` Russell King - ARM Linux admin
2019-06-23  7:09     ` Ido Schimmel
2019-06-23  7:26       ` Russell King - ARM Linux admin
2019-06-23  7:44         ` Ido Schimmel
2019-06-29 16:29           ` Ido Schimmel
2019-06-30 16:56             ` Linus Lüssing
2019-07-02 14:27               ` Nikolay Aleksandrov
2019-07-02 17:11               ` Ido Schimmel
     [not found]                 ` <20190702231308.GA2414@otheros>
2019-07-07  9:07                   ` Ido Schimmel
2019-07-05 16:01       ` Vivien Didelot
2019-07-07 10:28         ` Ido Schimmel
2019-06-23  6:48   ` Ido Schimmel
2019-06-29 15:31     ` Ido Schimmel
2019-06-29 23:06       ` Andrew Lunn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190621172952.GB9284@t480s.localdomain \
    --to=vivien.didelot@gmail.com \
    --cc=andrew@lunn.ch \
    --cc=davem@davemloft.net \
    --cc=f.fainelli@gmail.com \
    --cc=idosch@mellanox.com \
    --cc=jiri@resnulli.us \
    --cc=linux@armlinux.org.uk \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).