From: Vivien Didelot <vivien.didelot@gmail.com>
To: Florian Fainelli <f.fainelli@gmail.com>
Cc: netdev@vger.kernel.org, idosch@mellanox.com,
Jiri Pirko <jiri@resnulli.us>,
linux@armlinux.org.uk, andrew@lunn.ch, davem@davemloft.net
Subject: Re: [RFC net-next] net: dsa: add support for MC_DISABLED attribute
Date: Fri, 21 Jun 2019 17:29:52 -0400 [thread overview]
Message-ID: <20190621172952.GB9284@t480s.localdomain> (raw)
In-Reply-To: <5d653a4d-3270-8e53-a5e0-88ea5e7a4d3f@gmail.com>
On Thu, 20 Jun 2019 19:24:47 -0700, Florian Fainelli <f.fainelli@gmail.com> wrote:
> > This patch adds support for enabling or disabling the flooding of
> > unknown multicast traffic on the CPU ports, depending on the value
> > of the switchdev SWITCHDEV_ATTR_ID_BRIDGE_MC_DISABLED attribute.
> >
> > This allows the user to prevent the CPU to be flooded with a lot of
> > undesirable traffic that the network stack needs to filter in software.
> >
> > The bridge has multicast snooping enabled by default, hence CPU ports
> > aren't bottlenecked with arbitrary network applications anymore.
> > But this can be an issue in some scenarios such as pinging the bridge's
> > IPv6 address. Setting /sys/class/net/br0/bridge/multicast_snooping to
> > 0 would restore unknown multicast flooding and thus fix ICMPv6. As
> > an alternative, enabling multicast_querier would program the bridge
> > address into the switch.
> From what I can read from mlxsw, we should probably also implement the
> SWITCHDEV_ATTR_ID_PORT_MROUTER attribute in order to be consistent.
>
> Since the attribute MC_DISABLED is on the bridge master, we should also
> iterate over the list of switch ports being a member of that bridge and
> change their flooding attribute, taking into account whether
> BR_MCAST_FLOOD is set on that particular port or not. Just paraphrasing
> what mlxsw does here again...
Ouch, doesn't sound like what a driver should be doing :-(
Ido, I cannot find documentation for multicast_snooping or MC_DISABLED
and the naming isn't clear. Can this be considered as an equivalent
of mcast_flood but targeting the bridge device itself, describing
whether the bridge is interested or not in unknown multicast traffic?
> Once you act on the user-facing ports, you might be able to leave the
> CPU port flooding unconditionally, since it would only "flood" the CPU
> port either because an user-facing port has BR_MCAST_FLOOD set, or
> because this is known MC traffic that got programmed via the bridge's
> MDB. Would that work?
You may want the machine or network connected behind a bridge port
to be flooded with unknown multicast traffic, without having the
CPU conduit clogged up with this traffic. So these are two distinct
settings for me.
The only scenario I can think of needing the CPU to be flooded is if
there's a non-DSA port in the bridge maybe. But IMHO this should be
handled by the bridge, offloading or not the appropriate attribute.
> On a higher level, I really wish we did not have to re-implement a lot
> of identical or similar logic in each switch drivers and had a more
> central model of what is behaviorally expected.
I couldn't agree more, ethernet switch drivers should only offload
the notified bridge configuration, not noodling their own logic...
Russell, Ido, Florian, so far I understand that a multicast-unaware
bridge must flood unknown traffic everywhere (CPU included);
and a multicast-aware bridge must only flood its ports if their
mcast_flood is on, and known traffic targeting the bridge must be
offloaded accordingly. Do you guys agree with this?
Thanks,
Vivien
next prev parent reply other threads:[~2019-06-21 21:29 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-20 23:56 [RFC net-next] net: dsa: add support for MC_DISABLED attribute Vivien Didelot
2019-06-21 2:24 ` Florian Fainelli
2019-06-21 21:29 ` Vivien Didelot [this message]
2019-06-21 22:09 ` Russell King - ARM Linux admin
2019-06-23 7:09 ` Ido Schimmel
2019-06-23 7:26 ` Russell King - ARM Linux admin
2019-06-23 7:44 ` Ido Schimmel
2019-06-29 16:29 ` Ido Schimmel
2019-06-30 16:56 ` Linus Lüssing
2019-07-02 14:27 ` Nikolay Aleksandrov
2019-07-02 17:11 ` Ido Schimmel
[not found] ` <20190702231308.GA2414@otheros>
2019-07-07 9:07 ` Ido Schimmel
2019-07-05 16:01 ` Vivien Didelot
2019-07-07 10:28 ` Ido Schimmel
2019-06-23 6:48 ` Ido Schimmel
2019-06-29 15:31 ` Ido Schimmel
2019-06-29 23:06 ` Andrew Lunn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190621172952.GB9284@t480s.localdomain \
--to=vivien.didelot@gmail.com \
--cc=andrew@lunn.ch \
--cc=davem@davemloft.net \
--cc=f.fainelli@gmail.com \
--cc=idosch@mellanox.com \
--cc=jiri@resnulli.us \
--cc=linux@armlinux.org.uk \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).