[B.A.T.M.A.N.] [PATCH v5 0/6] Optimizations for setups running dat and bla

[B.A.T.M.A.N.] [PATCH v5 0/6] Optimizations for setups running dat and bla

[Andreas Pape]

This patchset introduces optimizations for batman-adv in setups having several
gateways into a common (switched) Ethernet backbone network especially if dat
is additionally enabled.

Using the current implementation with bla and dat enabled, several problems
can be observed in a real setup:
1. Multiplication of ARP replies from dat enabled gateways and dat enabled
mesh nodes leading to an "ARP reply storm" in the common backbone network.
2. In rare corner cases bla does not fully prevent looping of unicast frames
in the direction Backbone --> mesh --> backbone and looping of multicast
frames in the direction mesh --> backbone --> mesh.
The latter can lead to temporary confusion in the switched backbone resulting
in packet loss and communication timeouts.

The observed problems are solved by introduction of additional rules for the
dat handling, bla packet forwarding and bla claiming/unclaiming of clients.

v5:
 - changed function name to batadv_bla_check_claim
 - put added include file in alphabetical order
 - added check to exclude ip address 0.0.0.0 from snooping

v4:
 - removed unnecessary include in soft-interface.c
 - solved issue with double-use and refcounting of pointers in routing.c

v3:

 - rebased patchset
 - moved snooping of ip addresses for dat speed up into separate function
 - removed "patch of a patch"
 - removed automatic claiming during check of a claim
 - fixed issues of the patchset not being compiled due to chosen batman
	options

Kind regards,
Andreas

Andreas Pape (6):
  batman-adv: prevent multiple ARP replies sent by gateways if dat
    enbled
  batman-adv: speed up dat by snooping received ip traffic
  batman-adv: prevent duplication of ARP replies when DAT is used
  batman-adv: drop unicast packets from other backbone gw
  batman-adv: changed debug messages for easier bla debugging
  batman-adv: handle race condition for claims between gateways

 net/batman-adv/bridge_loop_avoidance.c |   87 ++++++++++++++++++++++++---
 net/batman-adv/bridge_loop_avoidance.h |   11 ++++
 net/batman-adv/distributed-arp-table.c |  102 ++++++++++++++++++++++++++++++++
 net/batman-adv/distributed-arp-table.h |    9 +++-
 net/batman-adv/routing.c               |   25 +++++++-
 net/batman-adv/soft-interface.c        |    3 +
 6 files changed, 225 insertions(+), 12 deletions(-)



..................................................................
PHOENIX CONTACT ELECTRONICS GmbH

Sitz der Gesellschaft / registered office of the company: 31812 Bad Pyrmont
USt-Id-Nr.: DE811742156
Amtsgericht Hannover HRB 100528 / district court Hannover HRB 100528
Geschäftsführer / Executive Board: Roland Bent, Dr. Martin Heubeck
___________________________________________________________________
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren, jegliche anderweitige Verwendung sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet.
----------------------------------------------------------------------------------------------------
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure, distribution or other use of the material or parts thereof is strictly forbidden.
___________________________________________________________________

[B.A.T.M.A.N.] [PATCH v5 1/6] batman-adv: prevent multiple ARP replies sent by gateways if dat enbled

[Andreas Pape]

If dat is enabled it must be made sure that only the backbone gw which has
claimed the remote destination for the ARP request answers the ARP request
directly if the MAC address is known due to the local dat table. This
prevents multiple ARP replies in a common backbone if more than one
gateway already knows the remote mac searched for in the ARP request.

Signed-off-by: Andreas Pape <apape@phoenixcontact.com>
---
 net/batman-adv/bridge_loop_avoidance.c |   49 ++++++++++++++++++++++++++++++++
 net/batman-adv/bridge_loop_avoidance.h |   11 +++++++
 net/batman-adv/distributed-arp-table.c |   15 ++++++++++
 3 files changed, 75 insertions(+), 0 deletions(-)

diff --git a/net/batman-adv/bridge_loop_avoidance.c b/net/batman-adv/bridge_loop_avoidance.c
index 748a9ea..cd2d74b 100644
--- a/net/batman-adv/bridge_loop_avoidance.c
+++ b/net/batman-adv/bridge_loop_avoidance.c
@@ -2045,3 +2045,52 @@ out:
 		batadv_hardif_put(primary_if);
 	return 0;
 }
+
+#ifdef CONFIG_BATMAN_ADV_DAT
+/**
+ * batadv_bla_check_claim - check if address is claimed
+ *
+ * @bat_priv: the bat priv with all the soft interface information
+ * @addr: mac address of which the claim status is checked
+ * @vid: the VLAN ID
+ *
+ * addr is checked if this address is claimed by the local device itself.
+ *
+ * Return: true if bla is disabled or the mac is claimed by the device,
+ * false if the device addr is already claimed by another gateway
+ */
+bool batadv_bla_check_claim(struct batadv_priv *bat_priv,
+			    u8 *addr, unsigned short vid)
+{
+	struct batadv_bla_claim search_claim;
+	struct batadv_bla_claim *claim = NULL;
+	struct batadv_hard_iface *primary_if = NULL;
+	bool ret = true;
+
+	if (!atomic_read(&bat_priv->bridge_loop_avoidance))
+		return ret;
+
+	primary_if = batadv_primary_if_get_selected(bat_priv);
+	if (!primary_if)
+		return ret;
+
+	/* First look if the mac address is claimed */
+	ether_addr_copy(search_claim.addr, addr);
+	search_claim.vid = vid;
+
+	claim = batadv_claim_hash_find(bat_priv, &search_claim);
+
+	/* If there is a claim and we are not owner of the claim,
+	 * return false.
+	 */
+	if (claim) {
+		if (!batadv_compare_eth(claim->backbone_gw->orig,
+					primary_if->net_dev->dev_addr))
+			ret = false;
+		batadv_claim_put(claim);
+	}
+
+	batadv_hardif_put(primary_if);
+	return ret;
+}
+#endif
diff --git a/net/batman-adv/bridge_loop_avoidance.h b/net/batman-adv/bridge_loop_avoidance.h
index 0f01dae..9dddebc 100644
--- a/net/batman-adv/bridge_loop_avoidance.h
+++ b/net/batman-adv/bridge_loop_avoidance.h
@@ -47,6 +47,10 @@ void batadv_bla_update_orig_address(struct batadv_priv *bat_priv,
 void batadv_bla_status_update(struct net_device *net_dev);
 int batadv_bla_init(struct batadv_priv *bat_priv);
 void batadv_bla_free(struct batadv_priv *bat_priv);
+#ifdef CONFIG_BATMAN_ADV_DAT
+bool batadv_bla_check_claim(struct batadv_priv *bat_priv, u8 *addr,
+			    unsigned short vid);
+#endif

 #define BATADV_BLA_CRC_INIT	0
 #else /* ifdef CONFIG_BATMAN_ADV_BLA */
@@ -112,6 +116,13 @@ static inline void batadv_bla_free(struct batadv_priv *bat_priv)
 {
 }

+static inline
+bool batadv_bla_check_claim(struct batadv_priv *bat_priv, u8 *addr,
+			    unsigned short vid)
+{
+	return true;
+}
+
 #endif /* ifdef CONFIG_BATMAN_ADV_BLA */

 #endif /* ifndef _NET_BATMAN_ADV_BLA_H_ */
diff --git a/net/batman-adv/distributed-arp-table.c b/net/batman-adv/distributed-arp-table.c
index 278800a..b752f8d 100644
--- a/net/batman-adv/distributed-arp-table.c
+++ b/net/batman-adv/distributed-arp-table.c
@@ -43,6 +43,7 @@
 #include <linux/workqueue.h>
 #include <net/arp.h>

+#include "bridge_loop_avoidance.h"
 #include "hard-interface.h"
 #include "hash.h"
 #include "originator.h"
@@ -1003,6 +1004,20 @@ bool batadv_dat_snoop_outgoing_arp_request(struct batadv_priv *bat_priv,
 			goto out;
 		}

+		/* If BLA is enabled, only send ARP replies if we have claimed
+		 * the destination for the ARP request or if no one else of
+		 * the backbone gws belonging to our backbone has claimed the
+		 * destination.
+		 */
+		if (!batadv_bla_check_claim(bat_priv,
+					    dat_entry->mac_addr, vid)) {
+			batadv_dbg(BATADV_DBG_DAT, bat_priv,
+				   "Device %pM claimed by another backbone gw. Don't send ARP reply!",
+				   dat_entry->mac_addr);
+			ret = true;
+			goto out;
+		}
+
 		skb_new = arp_create(ARPOP_REPLY, ETH_P_ARP, ip_src,
 				     bat_priv->soft_iface, ip_dst, hw_src,
 				     dat_entry->mac_addr, hw_src);
--
1.7.0.4



..................................................................
PHOENIX CONTACT ELECTRONICS GmbH

Sitz der Gesellschaft / registered office of the company: 31812 Bad Pyrmont
USt-Id-Nr.: DE811742156
Amtsgericht Hannover HRB 100528 / district court Hannover HRB 100528
Geschäftsführer / Executive Board: Roland Bent, Dr. Martin Heubeck
___________________________________________________________________
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren, jegliche anderweitige Verwendung sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet.
----------------------------------------------------------------------------------------------------
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure, distribution or other use of the material or parts thereof is strictly forbidden.
___________________________________________________________________

[B.A.T.M.A.N.] [PATCH v5 2/6] batman-adv: speed up dat by snooping received ip traffic

[Andreas Pape]

Speeding up dat address lookup is achieved by snooping all incoming ip
traffic. This especially increases the propability in bla setups that
a gateway into a common backbone network already has a fitting dat entry
to answer incoming ARP requests directly coming from the backbone
network thus further reducing ARP traffic in the mesh.

Signed-off-by: Andreas Pape <apape@phoenixcontact.com>
---
 net/batman-adv/distributed-arp-table.c |   55 ++++++++++++++++++++++++++++++++
 net/batman-adv/distributed-arp-table.h |    9 +++++-
 net/batman-adv/soft-interface.c        |    3 ++
 3 files changed, 66 insertions(+), 1 deletions(-)

diff --git a/net/batman-adv/distributed-arp-table.c b/net/batman-adv/distributed-arp-table.c
index b752f8d..998a4b8 100644
--- a/net/batman-adv/distributed-arp-table.c
+++ b/net/batman-adv/distributed-arp-table.c
@@ -27,6 +27,7 @@
 #include <linux/if_arp.h>
 #include <linux/if_ether.h>
 #include <linux/if_vlan.h>
+#include <linux/ip.h>
 #include <linux/in.h>
 #include <linux/jiffies.h>
 #include <linux/kernel.h>
@@ -362,6 +363,60 @@ out:
 		batadv_dat_entry_put(dat_entry);
 }

+/**
+ * batadv_dat_entry_check - check and update a dat entry
+ * @bat_priv: the bat priv with all the soft interface information
+ * @skb: socket buffer
+ * @vid: VLAN identifier
+ *
+ * snoops incoming socket buffer for dat cache updates, if dat is enabled.
+ * Can be called from other modules.
+ */
+void batadv_dat_entry_check(struct batadv_priv *bat_priv, struct sk_buff *skb,
+			    unsigned short vid)
+{
+	struct vlan_ethhdr *vhdr = NULL, tmp_vhdr;
+	struct ethhdr *ethhdr = NULL;
+	struct iphdr *iphdr = NULL, tmp_iphdr;
+
+	if (!atomic_read(&bat_priv->distributed_arp_table))
+		return;
+
+	ethhdr = eth_hdr(skb);
+
+	switch (ntohs(ethhdr->h_proto)) {
+	case ETH_P_IP:
+		iphdr = skb_header_pointer(skb, ETH_HLEN, sizeof(tmp_iphdr),
+					   &tmp_iphdr);
+		break;
+	case ETH_P_8021Q:
+		vhdr = skb_header_pointer(skb, 0, sizeof(tmp_vhdr),
+					  &tmp_vhdr);
+		if (!vhdr)
+			return;
+		if (ntohs(vhdr->h_vlan_encapsulated_proto) != ETH_P_IP)
+			return;
+		iphdr = skb_header_pointer(skb, sizeof(tmp_vhdr),
+					   sizeof(tmp_iphdr),
+					   &tmp_iphdr);
+		break;
+	}
+
+	if (!iphdr)
+		return;
+	/* don't add source address 0.0.0.0, which can occur during
+	 * dhcp discover or request.
+	 */
+	if (ntohl(iphdr->saddr) == 0)
+		return;
+
+	batadv_dbg(BATADV_DBG_DAT, bat_priv,
+		   "Snooped IP address: %pI4 %pM (vid: %d)\n",
+		   &iphdr->saddr, ethhdr->h_source,
+		   BATADV_PRINT_VID(vid));
+	batadv_dat_entry_add(bat_priv, iphdr->saddr, ethhdr->h_source, vid);
+}
+
 #ifdef CONFIG_BATMAN_ADV_DEBUG

 /**
diff --git a/net/batman-adv/distributed-arp-table.h b/net/batman-adv/distributed-arp-table.h
index 813ecea..cf1b93c 100644
--- a/net/batman-adv/distributed-arp-table.h
+++ b/net/batman-adv/distributed-arp-table.h
@@ -80,7 +80,8 @@ batadv_dat_init_own_addr(struct batadv_priv *bat_priv,
 int batadv_dat_init(struct batadv_priv *bat_priv);
 void batadv_dat_free(struct batadv_priv *bat_priv);
 int batadv_dat_cache_seq_print_text(struct seq_file *seq, void *offset);
-
+void batadv_dat_entry_check(struct batadv_priv *bat_priv, struct sk_buff *skb,
+			    unsigned short vid);
 /**
  * batadv_dat_inc_counter - increment the correct DAT packet counter
  * @bat_priv: the bat priv with all the soft interface information
@@ -173,6 +174,12 @@ static inline void batadv_dat_inc_counter(struct batadv_priv *bat_priv,
 {
 }

+static inline
+void batadv_dat_entry_check(struct batadv_priv *bat_priv, struct sk_buff *skb,
+			    unsigned short vid)
+{
+}
+
 #endif /* CONFIG_BATMAN_ADV_DAT */

 #endif /* _NET_BATMAN_ADV_DISTRIBUTED_ARP_TABLE_H_ */
diff --git a/net/batman-adv/soft-interface.c b/net/batman-adv/soft-interface.c
index 81665b1..a86748f 100644
--- a/net/batman-adv/soft-interface.c
+++ b/net/batman-adv/soft-interface.c
@@ -442,6 +442,9 @@ void batadv_interface_rx(struct net_device *soft_iface,
 		goto dropped;
 	}

+	/* Snoop incoming traffic for dat update */
+	batadv_dat_entry_check(bat_priv, skb, vid);
+
 	/* skb->dev & skb->pkt_type are set here */
 	skb->protocol = eth_type_trans(skb, soft_iface);

--
1.7.0.4



..................................................................
PHOENIX CONTACT ELECTRONICS GmbH

Sitz der Gesellschaft / registered office of the company: 31812 Bad Pyrmont
USt-Id-Nr.: DE811742156
Amtsgericht Hannover HRB 100528 / district court Hannover HRB 100528
Geschäftsführer / Executive Board: Roland Bent, Dr. Martin Heubeck
___________________________________________________________________
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren, jegliche anderweitige Verwendung sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet.
----------------------------------------------------------------------------------------------------
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure, distribution or other use of the material or parts thereof is strictly forbidden.
___________________________________________________________________

[B.A.T.M.A.N.] [PATCH v5 3/6] batman-adv: prevent duplication of ARP replies when DAT is used

[Andreas Pape]

If none of the backbone gateways in a bla setup has already knowledge of
the mac address searched for in an incoming ARP request from the backbone
an address resolution via the DHT of DAT is started. The gateway can send
several ARP requests to different DHT nodes and therefore can get several
replies. This patch assures that not all of the possible ARP replies are
returned to the backbone by checking the local DAT cache of the gateway.
If there is an entry in the local cache the gateway has already learned
the requested address and there is no need to forward the additional reply
to the backbone.
Furthermore it is checked if this gateway has claimed the source of the ARP
reply and only forwards it to the backbone if it has claimed the source or
if there is no claim at all.

Signed-off-by: Andreas Pape <apape@phoenixcontact.com>
---
 net/batman-adv/distributed-arp-table.c |   32 ++++++++++++++++++++++++++++++++
 1 files changed, 32 insertions(+), 0 deletions(-)

diff --git a/net/batman-adv/distributed-arp-table.c b/net/batman-adv/distributed-arp-table.c
index 998a4b8..e7b054a 100644
--- a/net/batman-adv/distributed-arp-table.c
+++ b/net/batman-adv/distributed-arp-table.c
@@ -1244,6 +1244,7 @@ bool batadv_dat_snoop_incoming_arp_reply(struct batadv_priv *bat_priv,
 	__be32 ip_src, ip_dst;
 	u8 *hw_src, *hw_dst;
 	bool dropped = false;
+	struct batadv_dat_entry *dat_entry = NULL;
 	unsigned short vid;

 	if (!atomic_read(&bat_priv->distributed_arp_table))
@@ -1263,12 +1264,41 @@ bool batadv_dat_snoop_incoming_arp_reply(struct batadv_priv *bat_priv,
 	hw_dst = batadv_arp_hw_dst(skb, hdr_size);
 	ip_dst = batadv_arp_ip_dst(skb, hdr_size);

+	/* If ip_dst is already in cache and has the right mac address,
+	 * drop this frame if this ARP reply is destined for us because it's
+	 * most probably an ARP reply generated by another node of the DHT.
+	 * We have most probably received already a reply earlier. Delivering
+	 * this frame would lead to doubled receive of an ARP reply.
+	 */
+	dat_entry = batadv_dat_entry_hash_find(bat_priv, ip_src, vid);
+	if ((dat_entry) && (batadv_compare_eth(hw_src, dat_entry->mac_addr))) {
+		batadv_dbg(BATADV_DBG_DAT, bat_priv, "Doubled ARP reply removed: ARP MSG = [src: %pM-%pI4 dst: %pM-%pI4]; dat_entry: %pM-%pI4\n",
+			   hw_src, &ip_src, hw_dst, &ip_dst,
+			   dat_entry->mac_addr,	&dat_entry->ip);
+		dropped = true;
+		goto out;
+	}
+
 	/* Update our internal cache with both the IP addresses the node got
 	 * within the ARP reply
 	 */
 	batadv_dat_entry_add(bat_priv, ip_src, hw_src, vid);
 	batadv_dat_entry_add(bat_priv, ip_dst, hw_dst, vid);

+	/* If BLA is enabled, only forward ARP replies if we have claimed the
+	 * source of the ARP reply or if no one else of the same backbone has
+	 * already claimed that client. This prevents that different gateways
+	 * to the same backbone all forward the ARP reply leading to multiple
+	 * replies in the backbone.
+	 */
+	if (!batadv_bla_check_claim(bat_priv, hw_src, vid)) {
+		batadv_dbg(BATADV_DBG_DAT, bat_priv,
+			   "Device %pM claimed by another backbone gw. Drop ARP reply.\n",
+			   hw_src);
+		dropped = true;
+		goto out;
+	}
+
 	/* if this REPLY is directed to a client of mine, let's deliver the
 	 * packet to the interface
 	 */
@@ -1281,6 +1311,8 @@ bool batadv_dat_snoop_incoming_arp_reply(struct batadv_priv *bat_priv,
 out:
 	if (dropped)
 		kfree_skb(skb);
+	if (dat_entry)
+		batadv_dat_entry_put(dat_entry);
 	/* if dropped == false -> deliver to the interface */
 	return dropped;
 }
--
1.7.0.4



..................................................................
PHOENIX CONTACT ELECTRONICS GmbH

Sitz der Gesellschaft / registered office of the company: 31812 Bad Pyrmont
USt-Id-Nr.: DE811742156
Amtsgericht Hannover HRB 100528 / district court Hannover HRB 100528
Geschäftsführer / Executive Board: Roland Bent, Dr. Martin Heubeck
___________________________________________________________________
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren, jegliche anderweitige Verwendung sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet.
----------------------------------------------------------------------------------------------------
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure, distribution or other use of the material or parts thereof is strictly forbidden.
___________________________________________________________________

[B.A.T.M.A.N.] [PATCH v5 4/6] batman-adv: drop unicast packets from other backbone gw

[Andreas Pape]

Additional dropping of unicast packets received from another backbone gw of
the same backbone network before being forwarded to the same backbone again
is necessary. It was observed in a test setup that in rare cases these
frames lead to looping unicast traffic backbone->mesh->backbone.

Signed-off-by: Andreas Pape <apape@phoenixcontact.com>
---
 net/batman-adv/routing.c |   25 ++++++++++++++++++++++---
 1 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/net/batman-adv/routing.c b/net/batman-adv/routing.c
index e3857ed..667e2cd 100644
--- a/net/batman-adv/routing.c
+++ b/net/batman-adv/routing.c
@@ -861,14 +861,16 @@ int batadv_recv_unicast_packet(struct sk_buff *skb,
 	struct batadv_priv *bat_priv = netdev_priv(recv_if->soft_iface);
 	struct batadv_unicast_packet *unicast_packet;
 	struct batadv_unicast_4addr_packet *unicast_4addr_packet;
-	u8 *orig_addr;
-	struct batadv_orig_node *orig_node = NULL;
+	u8 *orig_addr, *orig_addr_gw;
+	struct batadv_orig_node *orig_node = NULL, *orig_node_gw = NULL;
 	int check, hdr_size = sizeof(*unicast_packet);
 	enum batadv_subtype subtype;
-	bool is4addr;
+	bool is4addr, is_gw;
+	struct ethhdr *ethhdr;

 	unicast_packet = (struct batadv_unicast_packet *)skb->data;
 	unicast_4addr_packet = (struct batadv_unicast_4addr_packet *)skb->data;
+	ethhdr = eth_hdr(skb);

 	is4addr = unicast_packet->packet_type == BATADV_UNICAST_4ADDR;
 	/* the caller function should have already pulled 2 bytes */
@@ -891,6 +893,23 @@ int batadv_recv_unicast_packet(struct sk_buff *skb,

 	/* packet for me */
 	if (batadv_is_my_mac(bat_priv, unicast_packet->dest)) {
+		/* If this is a unicast packet from another backgone gw,
+		 * drop it.
+		 */
+		orig_addr_gw = ethhdr->h_source;
+		orig_node_gw = batadv_orig_hash_find(bat_priv, orig_addr_gw);
+		if (orig_node_gw) {
+			is_gw = batadv_bla_is_backbone_gw(skb, orig_node_gw,
+							  hdr_size);
+			batadv_orig_node_put(orig_node_gw);
+			if (is_gw) {
+				batadv_dbg(BATADV_DBG_BLA, bat_priv,
+					   "Dropped unicast pkt received from another backbone gw %pM.\n",
+					   orig_addr_gw);
+				return NET_RX_DROP;
+			}
+		}
+
 		if (is4addr) {
 			subtype = unicast_4addr_packet->subtype;
 			batadv_dat_inc_counter(bat_priv, subtype);
--
1.7.0.4



..................................................................
PHOENIX CONTACT ELECTRONICS GmbH

Sitz der Gesellschaft / registered office of the company: 31812 Bad Pyrmont
USt-Id-Nr.: DE811742156
Amtsgericht Hannover HRB 100528 / district court Hannover HRB 100528
Geschäftsführer / Executive Board: Roland Bent, Dr. Martin Heubeck
___________________________________________________________________
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren, jegliche anderweitige Verwendung sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet.
----------------------------------------------------------------------------------------------------
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure, distribution or other use of the material or parts thereof is strictly forbidden.
___________________________________________________________________

[B.A.T.M.A.N.] [PATCH v5 5/6] batman-adv: changed debug messages for easier bla debugging

[Andreas Pape]

Some of the bla debug messages are extended and additional messages are
added for easier bla debugging. Some debug messages introduced with the
dat changes in prior patches of this patch series have been changed to
be more compliant to other existing debug messages.

Acked-by: Simon Wunderlich <sw@simonwunderlich.de>
Signed-off-by: Andreas Pape <apape@phoenixcontact.com>
---
 net/batman-adv/bridge_loop_avoidance.c |   18 ++++++++++++++----
 net/batman-adv/routing.c               |    2 +-
 2 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/net/batman-adv/bridge_loop_avoidance.c b/net/batman-adv/bridge_loop_avoidance.c
index cd2d74b..2ccce6e 100644
--- a/net/batman-adv/bridge_loop_avoidance.c
+++ b/net/batman-adv/bridge_loop_avoidance.c
@@ -715,8 +715,8 @@ static void batadv_bla_add_claim(struct batadv_priv *bat_priv,
 			goto claim_free_ref;

 		batadv_dbg(BATADV_DBG_BLA, bat_priv,
-			   "bla_add_claim(): changing ownership for %pM, vid %d\n",
-			   mac, BATADV_PRINT_VID(vid));
+			   "bla_add_claim(): changing ownership for %pM, vid %d to gw %pM\n",
+			   mac, BATADV_PRINT_VID(vid), backbone_gw->orig);

 		spin_lock_bh(&claim->backbone_gw->crc_lock);
 		claim->backbone_gw->crc ^= crc16(0, claim->addr, ETH_ALEN);
@@ -1240,10 +1240,13 @@ static void batadv_bla_purge_claims(struct batadv_priv *bat_priv,
 				continue;

 			batadv_dbg(BATADV_DBG_BLA, bat_priv,
-				   "bla_purge_claims(): %pM, vid %d, time out\n",
+				   "bla_purge_claims(): timed out.\n");
+
+purge_now:
+			batadv_dbg(BATADV_DBG_BLA, bat_priv,
+				   "bla_purge_claims(): %pM, vid %d\n",
 				   claim->addr, claim->vid);

-purge_now:
 			batadv_handle_unclaim(bat_priv, primary_if,
 					      claim->backbone_gw->orig,
 					      claim->addr, claim->vid);
@@ -1787,6 +1790,13 @@ bool batadv_bla_rx(struct batadv_priv *bat_priv, struct sk_buff *skb,
 		/* possible optimization: race for a claim */
 		/* No claim exists yet, claim it for us!
 		 */
+
+		batadv_dbg(BATADV_DBG_BLA, bat_priv,
+			   "bla_rx(): Unclaimed MAC %pM found. Claim it. Local: %s\n",
+			   ethhdr->h_source,
+			   batadv_is_my_client(bat_priv,
+					       ethhdr->h_source, vid) ?
+			   "yes" : "no");
 		batadv_handle_claim(bat_priv, primary_if,
 				    primary_if->net_dev->dev_addr,
 				    ethhdr->h_source, vid);
diff --git a/net/batman-adv/routing.c b/net/batman-adv/routing.c
index 667e2cd..7eeae86 100644
--- a/net/batman-adv/routing.c
+++ b/net/batman-adv/routing.c
@@ -904,7 +904,7 @@ int batadv_recv_unicast_packet(struct sk_buff *skb,
 			batadv_orig_node_put(orig_node_gw);
 			if (is_gw) {
 				batadv_dbg(BATADV_DBG_BLA, bat_priv,
-					   "Dropped unicast pkt received from another backbone gw %pM.\n",
+					   "recv_unicast_packet(): Dropped unicast pkt received from another backbone gw %pM.\n",
 					   orig_addr_gw);
 				return NET_RX_DROP;
 			}
--
1.7.0.4



..................................................................
PHOENIX CONTACT ELECTRONICS GmbH

Sitz der Gesellschaft / registered office of the company: 31812 Bad Pyrmont
USt-Id-Nr.: DE811742156
Amtsgericht Hannover HRB 100528 / district court Hannover HRB 100528
Geschäftsführer / Executive Board: Roland Bent, Dr. Martin Heubeck
___________________________________________________________________
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren, jegliche anderweitige Verwendung sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet.
----------------------------------------------------------------------------------------------------
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure, distribution or other use of the material or parts thereof is strictly forbidden.
___________________________________________________________________

[B.A.T.M.A.N.] [PATCH v5 6/6] batman-adv: handle race condition for claims between gateways

[Andreas Pape]

Consider the following situation which has been found in a test setup:
Gateway B has claimed client C and gateway A has the same backbone
network as B. C sends a broad- or multicast to B and directly after
this packet decides to send another packet to A due to a better TQ
value. B will forward the broad-/multicast into the backbone as it is
the responsible gw and after that A will claim C as it has been
chosen by C as the best gateway. If it now happens that A claims C
before it has received the broad-/multicast forwarded by B (due to
backbone topology or due to some delay in B when forwarding the
packet) we get a critical situation: in the current code A will
immediately unclaim C when receiving the multicast due to the
roaming client scenario although the position of C has not changed
in the mesh. If this happens the multi-/broadcast forwarded by B
will be sent back into the mesh by A and we have looping packets
until one of the gateways claims C again.
In order to prevent this, unclaiming of a client due to the roaming
client scenario is only done after a certain time is expired after
the last claim of the client. 100 ms are used here, which should be
slow enough for big backbones and slow gateways but fast enough not
to break the roaming client use case.

Acked-by: Simon Wunderlich <sw@simonwunderlich.de>
Signed-off-by: Andreas Pape <apape@phoenixcontact.com>
---
 net/batman-adv/bridge_loop_avoidance.c |   20 ++++++++++++++++----
 1 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/net/batman-adv/bridge_loop_avoidance.c b/net/batman-adv/bridge_loop_avoidance.c
index 2ccce6e..4c3b294 100644
--- a/net/batman-adv/bridge_loop_avoidance.c
+++ b/net/batman-adv/bridge_loop_avoidance.c
@@ -1904,10 +1904,22 @@ bool batadv_bla_tx(struct batadv_priv *bat_priv, struct sk_buff *skb,
 		/* if yes, the client has roamed and we have
 		 * to unclaim it.
 		 */
-		batadv_handle_unclaim(bat_priv, primary_if,
-				      primary_if->net_dev->dev_addr,
-				      ethhdr->h_source, vid);
-		goto allow;
+		if (batadv_has_timed_out(claim->lasttime, 100)) {
+			/* only unclaim if the last claim entry is
+			 * older than 100 ms to make sure we really
+			 * have a roaming client here.
+			 */
+			batadv_dbg(BATADV_DBG_BLA, bat_priv, "bla_tx(): Roaming client %pM detected. Unclaim it.\n",
+				   ethhdr->h_source);
+			batadv_handle_unclaim(bat_priv, primary_if,
+					      primary_if->net_dev->dev_addr,
+					      ethhdr->h_source, vid);
+			goto allow;
+		} else {
+			batadv_dbg(BATADV_DBG_BLA, bat_priv, "bla_tx(): Race for claim %pM detected. Drop packet.\n",
+				   ethhdr->h_source);
+			goto handled;
+		}
 	}

 	/* check if it is a multicast/broadcast frame */
--
1.7.0.4



..................................................................
PHOENIX CONTACT ELECTRONICS GmbH

Sitz der Gesellschaft / registered office of the company: 31812 Bad Pyrmont
USt-Id-Nr.: DE811742156
Amtsgericht Hannover HRB 100528 / district court Hannover HRB 100528
Geschäftsführer / Executive Board: Roland Bent, Dr. Martin Heubeck
___________________________________________________________________
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren, jegliche anderweitige Verwendung sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet.
----------------------------------------------------------------------------------------------------
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure, distribution or other use of the material or parts thereof is strictly forbidden.
___________________________________________________________________

Re: [B.A.T.M.A.N.] [PATCH v5 0/6] Optimizations for setups running dat and bla

[Sven Eckelmann]

[-- Attachment #1: Type: text/plain, Size: 1997 bytes --]

On Friday 10 June 2016 13:10:58 Andreas Pape wrote:
> This patchset introduces optimizations for batman-adv in setups having several
> gateways into a common (switched) Ethernet backbone network especially if dat
> is additionally enabled.
> 
> Using the current implementation with bla and dat enabled, several problems
> can be observed in a real setup:
> 1. Multiplication of ARP replies from dat enabled gateways and dat enabled
> mesh nodes leading to an "ARP reply storm" in the common backbone network.
> 2. In rare corner cases bla does not fully prevent looping of unicast frames
> in the direction Backbone --> mesh --> backbone and looping of multicast
> frames in the direction mesh --> backbone --> mesh.
> The latter can lead to temporary confusion in the switched backbone resulting
> in packet loss and communication timeouts.
> 
> The observed problems are solved by introduction of additional rules for the
> dat handling, bla packet forwarding and bla claiming/unclaiming of clients.
> 
> v5:
>  - changed function name to batadv_bla_check_claim
>  - put added include file in alphabetical order
>  - added check to exclude ip address 0.0.0.0 from snooping

Doesn't seem to apply:

    $ git describe 
    v2016.2-50-g3ce003c
    $ git am ~/bundle-11-datbla.mbox
    Applying: batman-adv: prevent multiple ARP replies sent by gateways if dat enbled
    error: patch failed: net/batman-adv/distributed-arp-table.c:43
    error: net/batman-adv/distributed-arp-table.c: patch does not apply
    Patch failed at 0001 batman-adv: prevent multiple ARP replies sent by gateways if dat enbled
    The copy of the patch that failed is found in: .git/rebase-apply/patch
    When you have resolved this problem, run "git am --continue".
    If you prefer to skip this patch, run "git am --skip" instead.
    To restore the original branch and stop patching, run "git am --abort".

Btw. there seems to be an "a" missing in "enabled" of the Subject
of the first patch :)

Kind regards,
	Sven

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: [B.A.T.M.A.N.] [PATCH v5 0/6] Optimizations for setups running dat and bla

[Andreas Pape]

Hi Sven,

thanks for the feedback. I just realized that I forgot to rebase the
patchset before sending it. Could this be the cause?
When I try to apply the patches locally to a fresh cloned batman-adv
repository, the patches succeeded but some hunks succeed with some
offset or fuzz only due to the missing rebase.
> Doesn't seem to apply:
>
>     $ git describe
>     v2016.2-50-g3ce003c
>     $ git am ~/bundle-11-datbla.mbox
>     Applying: batman-adv: prevent multiple ARP replies sent by
> gateways if dat enbled
>     error: patch failed: net/batman-adv/distributed-arp-table.c:43
>     error: net/batman-adv/distributed-arp-table.c: patch does not apply
>     Patch failed at 0001 batman-adv: prevent multiple ARP replies
> sent by gateways if dat enbled
>     The copy of the patch that failed is found in:
.git/rebase-apply/patch
>     When you have resolved this problem, run "git am --continue".
>     If you prefer to skip this patch, run "git am --skip" instead.
>     To restore the original branch and stop patching, run "git am
--abort".
>
> Btw. there seems to be an "a" missing in "enabled" of the Subject
> of the first patch :)
>
Will be corrected as there's another version obviously necessary ...;-)

Best regards,
Andreas



..................................................................
PHOENIX CONTACT ELECTRONICS GmbH

Sitz der Gesellschaft / registered office of the company: 31812 Bad Pyrmont
USt-Id-Nr.: DE811742156
Amtsgericht Hannover HRB 100528 / district court Hannover HRB 100528
Geschäftsführer / Executive Board: Roland Bent, Dr. Martin Heubeck
___________________________________________________________________
Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren, jegliche anderweitige Verwendung sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet.
----------------------------------------------------------------------------------------------------
This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure, distribution or other use of the material or parts thereof is strictly forbidden.
___________________________________________________________________

Re: [B.A.T.M.A.N.] [PATCH v5 0/6] Optimizations for setups running dat and bla

[Sven Eckelmann]

[-- Attachment #1: Type: text/plain, Size: 462 bytes --]

On Monday 13 June 2016 10:06:55 Andreas Pape wrote:
> > Btw. there seems to be an "a" missing in "enabled" of the Subject
> > of the first patch :)
> >
> Will be corrected as there's another version obviously necessary ...;-)

Maybe there are other comments from Simon oder Antonio. But I think there are 
still open questions from them as reply to the patches for v3 of the patchset. 
At least I cannot find any replies on the mailing list.

Kind regards,
	Sven

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: [B.A.T.M.A.N.] [PATCH v5 2/6] batman-adv: speed up dat by snooping received ip traffic

[Sven Eckelmann]

[-- Attachment #1: Type: text/plain, Size: 843 bytes --]

On Friday 10 June 2016 13:11:00 Andreas Pape wrote:
> Speeding up dat address lookup is achieved by snooping all incoming ip
> traffic. This especially increases the propability in bla setups that
> a gateway into a common backbone network already has a fitting dat entry
> to answer incoming ARP requests directly coming from the backbone
> network thus further reducing ARP traffic in the mesh.
> 
> Signed-off-by: Andreas Pape <apape@phoenixcontact.com>
> ---

Marking this as rejected in patchwork due to the conceptual problems pointed 
out by Matthias + Linus [1].

@Marek, I hope this helps to reduce the number of patches you have to go 
through in patchwork. But please feel free to change it back when you think 
differently about it.

Kind regards,
	Sven

[1] https://lists.open-mesh.org/pipermail/b.a.t.m.a.n/2016-June/015738.html

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: [B.A.T.M.A.N.] [PATCH v5 2/6] batman-adv: speed up dat by snooping received ip traffic

[Ruben Wisniewski]

Are new clients (Mac) not already spread as info on the network? So couldn't we not just snoop dhcp traffic on gateways and spread the info about acknowledged IPs as well?

> Am 25.06.2016 um 12:04 schrieb Sven Eckelmann <sven@narfation.org>:
> 
>> On Friday 10 June 2016 13:11:00 Andreas Pape wrote:
>> Speeding up dat address lookup is achieved by snooping all incoming ip
>> traffic. This especially increases the propability in bla setups that
>> a gateway into a common backbone network already has a fitting dat entry
>> to answer incoming ARP requests directly coming from the backbone
>> network thus further reducing ARP traffic in the mesh.
>> 
>> Signed-off-by: Andreas Pape <apape@phoenixcontact.com>
>> ---
> 
> Marking this as rejected in patchwork due to the conceptual problems pointed 
> out by Matthias + Linus [1].
> 
> @Marek, I hope this helps to reduce the number of patches you have to go 
> through in patchwork. But please feel free to change it back when you think 
> differently about it.
> 
> Kind regards,
>    Sven
> 
> [1] https://lists.open-mesh.org/pipermail/b.a.t.m.a.n/2016-June/015738.html

Re: [B.A.T.M.A.N.] [PATCH v5 2/6] batman-adv: speed up dat by snooping received ip traffic

[Sven Eckelmann]

[-- Attachment #1: Type: text/plain, Size: 514 bytes --]

On Sunday 26 June 2016 10:54:18 Ruben Wisniewski wrote:
> 
> Are new clients (Mac) not already spread as info on the network? So
> couldn't we not just snoop dhcp traffic on gateways and spread the
> info about acknowledged IPs as well?

Just a small info in case somebody wants to work on it:

batman-adv in gw server mode would only handle the DHCP replies
(ACK, OFFER, ...) only when they are sent as broadcast. But it is a
lot more efficient when the DHCPd sents replies as unicast packet.

Kind regards,
	Sven

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: [B.A.T.M.A.N.] [PATCH v5 4/6] batman-adv: drop unicast packets from other backbone gw

[Simon Wunderlich]

[-- Attachment #1: Type: text/plain, Size: 663 bytes --]

On Friday 10 June 2016 13:11:02 Andreas Pape wrote:
> Additional dropping of unicast packets received from another backbone gw of
> the same backbone network before being forwarded to the same backbone again
> is necessary. It was observed in a test setup that in rare cases these
> frames lead to looping unicast traffic backbone->mesh->backbone.
> 
> Signed-off-by: Andreas Pape <apape@phoenixcontact.com>

Acked-by: Simon Wunderlich <sw@simonwunderlich.de>

I believe Svens previous concerns have been cleared. When you resend this 
patchset, please add my Acked-by into your commit message (unless you do major 
changes in the content ...)

Thanks,
     Simon

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: [B.A.T.M.A.N.] [PATCH v5 2/6] batman-adv: speed up dat by snooping received ip traffic

[Simon Wunderlich]

[-- Attachment #1: Type: text/plain, Size: 6188 bytes --]

Hi Andreas,

as suggested by yourself and according to the discussion, please drop this 
patch from the patchset on the next resend. It may be better to resend it 
separately when the concerns are cleared.

Thanks!
    Simon

On Friday 10 June 2016 13:11:00 Andreas Pape wrote:
> Speeding up dat address lookup is achieved by snooping all incoming ip
> traffic. This especially increases the propability in bla setups that
> a gateway into a common backbone network already has a fitting dat entry
> to answer incoming ARP requests directly coming from the backbone
> network thus further reducing ARP traffic in the mesh.
> 
> Signed-off-by: Andreas Pape <apape@phoenixcontact.com>
> ---
>  net/batman-adv/distributed-arp-table.c |   55
> ++++++++++++++++++++++++++++++++ net/batman-adv/distributed-arp-table.h |  
>  9 +++++-
>  net/batman-adv/soft-interface.c        |    3 ++
>  3 files changed, 66 insertions(+), 1 deletions(-)
> 
> diff --git a/net/batman-adv/distributed-arp-table.c
> b/net/batman-adv/distributed-arp-table.c index b752f8d..998a4b8 100644
> --- a/net/batman-adv/distributed-arp-table.c
> +++ b/net/batman-adv/distributed-arp-table.c
> @@ -27,6 +27,7 @@
>  #include <linux/if_arp.h>
>  #include <linux/if_ether.h>
>  #include <linux/if_vlan.h>
> +#include <linux/ip.h>
>  #include <linux/in.h>
>  #include <linux/jiffies.h>
>  #include <linux/kernel.h>
> @@ -362,6 +363,60 @@ out:
>  		batadv_dat_entry_put(dat_entry);
>  }
> 
> +/**
> + * batadv_dat_entry_check - check and update a dat entry
> + * @bat_priv: the bat priv with all the soft interface information
> + * @skb: socket buffer
> + * @vid: VLAN identifier
> + *
> + * snoops incoming socket buffer for dat cache updates, if dat is enabled.
> + * Can be called from other modules.
> + */
> +void batadv_dat_entry_check(struct batadv_priv *bat_priv, struct sk_buff
> *skb, +			    unsigned short vid)
> +{
> +	struct vlan_ethhdr *vhdr = NULL, tmp_vhdr;
> +	struct ethhdr *ethhdr = NULL;
> +	struct iphdr *iphdr = NULL, tmp_iphdr;
> +
> +	if (!atomic_read(&bat_priv->distributed_arp_table))
> +		return;
> +
> +	ethhdr = eth_hdr(skb);
> +
> +	switch (ntohs(ethhdr->h_proto)) {
> +	case ETH_P_IP:
> +		iphdr = skb_header_pointer(skb, ETH_HLEN, sizeof(tmp_iphdr),
> +					   &tmp_iphdr);
> +		break;
> +	case ETH_P_8021Q:
> +		vhdr = skb_header_pointer(skb, 0, sizeof(tmp_vhdr),
> +					  &tmp_vhdr);
> +		if (!vhdr)
> +			return;
> +		if (ntohs(vhdr->h_vlan_encapsulated_proto) != ETH_P_IP)
> +			return;
> +		iphdr = skb_header_pointer(skb, sizeof(tmp_vhdr),
> +					   sizeof(tmp_iphdr),
> +					   &tmp_iphdr);
> +		break;
> +	}
> +
> +	if (!iphdr)
> +		return;
> +	/* don't add source address 0.0.0.0, which can occur during
> +	 * dhcp discover or request.
> +	 */
> +	if (ntohl(iphdr->saddr) == 0)
> +		return;
> +
> +	batadv_dbg(BATADV_DBG_DAT, bat_priv,
> +		   "Snooped IP address: %pI4 %pM (vid: %d)\n",
> +		   &iphdr->saddr, ethhdr->h_source,
> +		   BATADV_PRINT_VID(vid));
> +	batadv_dat_entry_add(bat_priv, iphdr->saddr, ethhdr->h_source, vid);
> +}
> +
>  #ifdef CONFIG_BATMAN_ADV_DEBUG
> 
>  /**
> diff --git a/net/batman-adv/distributed-arp-table.h
> b/net/batman-adv/distributed-arp-table.h index 813ecea..cf1b93c 100644
> --- a/net/batman-adv/distributed-arp-table.h
> +++ b/net/batman-adv/distributed-arp-table.h
> @@ -80,7 +80,8 @@ batadv_dat_init_own_addr(struct batadv_priv *bat_priv,
>  int batadv_dat_init(struct batadv_priv *bat_priv);
>  void batadv_dat_free(struct batadv_priv *bat_priv);
>  int batadv_dat_cache_seq_print_text(struct seq_file *seq, void *offset);
> -
> +void batadv_dat_entry_check(struct batadv_priv *bat_priv, struct sk_buff
> *skb, +			    unsigned short vid);
>  /**
>   * batadv_dat_inc_counter - increment the correct DAT packet counter
>   * @bat_priv: the bat priv with all the soft interface information
> @@ -173,6 +174,12 @@ static inline void batadv_dat_inc_counter(struct
> batadv_priv *bat_priv, {
>  }
> 
> +static inline
> +void batadv_dat_entry_check(struct batadv_priv *bat_priv, struct sk_buff
> *skb, +			    unsigned short vid)
> +{
> +}
> +
>  #endif /* CONFIG_BATMAN_ADV_DAT */
> 
>  #endif /* _NET_BATMAN_ADV_DISTRIBUTED_ARP_TABLE_H_ */
> diff --git a/net/batman-adv/soft-interface.c
> b/net/batman-adv/soft-interface.c index 81665b1..a86748f 100644
> --- a/net/batman-adv/soft-interface.c
> +++ b/net/batman-adv/soft-interface.c
> @@ -442,6 +442,9 @@ void batadv_interface_rx(struct net_device *soft_iface,
>  		goto dropped;
>  	}
> 
> +	/* Snoop incoming traffic for dat update */
> +	batadv_dat_entry_check(bat_priv, skb, vid);
> +
>  	/* skb->dev & skb->pkt_type are set here */
>  	skb->protocol = eth_type_trans(skb, soft_iface);
> 
> --
> 1.7.0.4
> 
> 
> 
> ..................................................................
> PHOENIX CONTACT ELECTRONICS GmbH
> 
> Sitz der Gesellschaft / registered office of the company: 31812 Bad Pyrmont
> USt-Id-Nr.: DE811742156
> Amtsgericht Hannover HRB 100528 / district court Hannover HRB 100528
> Geschäftsführer / Executive Board: Roland Bent, Dr. Martin Heubeck
> ___________________________________________________________________
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail
> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und
> vernichten Sie diese Mail. Das unerlaubte Kopieren, jegliche anderweitige
> Verwendung sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet.
> ---------------------------------------------------------------------------
> ------------------------- This e-mail may contain confidential and/or
> privileged information. If you are not the intended recipient (or have
> received this e-mail in error) please notify the sender immediately and
> destroy this e-mail. Any unauthorized copying, disclosure, distribution or
> other use of the material or parts thereof is strictly forbidden.
> ___________________________________________________________________

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: [B.A.T.M.A.N.] [PATCH v5 1/6] batman-adv: prevent multiple ARP replies sent by gateways if dat enbled

[Simon Wunderlich]

[-- Attachment #1: Type: text/plain, Size: 586 bytes --]

On Friday 10 June 2016 13:10:59 Andreas Pape wrote:
> If dat is enabled it must be made sure that only the backbone gw which has
> claimed the remote destination for the ARP request answers the ARP request
> directly if the MAC address is known due to the local dat table. This
> prevents multiple ARP replies in a common backbone if more than one
> gateway already knows the remote mac searched for in the ARP request.
> 
> Signed-off-by: Andreas Pape <apape@phoenixcontact.com>

Acked-by: Simon Wunderlich <sw@simonwunderlich.de>

Please add my Acked-by on resend.

Thanks!
     Simon

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: [B.A.T.M.A.N.] [PATCH v5 3/6] batman-adv: prevent duplication of ARP replies when DAT is used

[Simon Wunderlich]

[-- Attachment #1: Type: text/plain, Size: 2462 bytes --]

On Friday 10 June 2016 13:11:01 Andreas Pape wrote:
> If none of the backbone gateways in a bla setup has already knowledge of
> the mac address searched for in an incoming ARP request from the backbone
> an address resolution via the DHT of DAT is started. The gateway can send
> several ARP requests to different DHT nodes and therefore can get several
> replies. This patch assures that not all of the possible ARP replies are
> returned to the backbone by checking the local DAT cache of the gateway.
> If there is an entry in the local cache the gateway has already learned
> the requested address and there is no need to forward the additional reply
> to the backbone.
> Furthermore it is checked if this gateway has claimed the source of the ARP
> reply and only forwards it to the backbone if it has claimed the source or
> if there is no claim at all.

Acked-by: Simon Wunderlich <sw@simonwunderlich.de>

but one small style suggestion below:

> 
> Signed-off-by: Andreas Pape <apape@phoenixcontact.com>
> ---
>  net/batman-adv/distributed-arp-table.c |   32
> ++++++++++++++++++++++++++++++++ 1 files changed, 32 insertions(+), 0
> deletions(-)
> 
> diff --git a/net/batman-adv/distributed-arp-table.c
> b/net/batman-adv/distributed-arp-table.c index 998a4b8..e7b054a 100644
> --- a/net/batman-adv/distributed-arp-table.c
> +++ b/net/batman-adv/distributed-arp-table.c
> @@ -1244,6 +1244,7 @@ bool batadv_dat_snoop_incoming_arp_reply(struct
> batadv_priv *bat_priv, __be32 ip_src, ip_dst;
>  	u8 *hw_src, *hw_dst;
>  	bool dropped = false;
> +	struct batadv_dat_entry *dat_entry = NULL;
>  	unsigned short vid;
> 
>  	if (!atomic_read(&bat_priv->distributed_arp_table))
> @@ -1263,12 +1264,41 @@ bool batadv_dat_snoop_incoming_arp_reply(struct
> batadv_priv *bat_priv, hw_dst = batadv_arp_hw_dst(skb, hdr_size);
>  	ip_dst = batadv_arp_ip_dst(skb, hdr_size);
> 
> +	/* If ip_dst is already in cache and has the right mac address,
> +	 * drop this frame if this ARP reply is destined for us because it's
> +	 * most probably an ARP reply generated by another node of the DHT.
> +	 * We have most probably received already a reply earlier. Delivering
> +	 * this frame would lead to doubled receive of an ARP reply.
> +	 */
> +	dat_entry = batadv_dat_entry_hash_find(bat_priv, ip_src, vid);
> +	if ((dat_entry) && (batadv_compare_eth(hw_src, dat_entry->mac_addr))) {

you can drop the braces for dat_entry and batadv_compare_eth here.

Cheers,
     Simon

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: [B.A.T.M.A.N.] [PATCH v5 0/6] Optimizations for setups running dat and bla

[Simon Wunderlich]

[-- Attachment #1: Type: text/plain, Size: 763 bytes --]

On Monday 13 June 2016 11:01:54 Sven Eckelmann wrote:
> On Monday 13 June 2016 10:06:55 Andreas Pape wrote:
> > > Btw. there seems to be an "a" missing in "enabled" of the Subject
> > > of the first patch :)
> > 
> > Will be corrected as there's another version obviously necessary ...;-)
> 
> Maybe there are other comments from Simon oder Antonio. But I think there
> are still open questions from them as reply to the patches for v3 of the
> patchset. At least I cannot find any replies on the mailing list.

Hi Andreas,

sorry for the late review. I think we are through from my end, your patches 
mostly require a rebase and some small change. I'd also drop one of the 
patches and submit them separately to get the other patches through.

Thanks!
     Simon

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: [B.A.T.M.A.N.] [PATCH v5 2/6] batman-adv: speed up dat by snooping received ip traffic

[Linus Lüssing]

Hi Andreas,

After the observations in ticket #291 [0], Antonio and I had been
discussing this topic a little further on IRC.

The Linux kernel seems to refresh its ARP table by snooping the IP
traffic, too. But IP traffic does not create any ARP table
entries.

What do you think about doing the same in batman-adv? That is,
only updating, but not creating DAT cache entries from IP traffic.
That should get rid of the main two concerns, accidentally
snooping routed IP traffic and performance implications, shouldn't it?

Regards, Linus


On Fri, Jul 01, 2016 at 03:49:54PM +0200, Simon Wunderlich wrote:
> Hi Andreas,
> 
> as suggested by yourself and according to the discussion, please drop this 
> patch from the patchset on the next resend. It may be better to resend it 
> separately when the concerns are cleared.
> 
> Thanks!
>     Simon
> 
> On Friday 10 June 2016 13:11:00 Andreas Pape wrote:
> > Speeding up dat address lookup is achieved by snooping all incoming ip
> > traffic. This especially increases the propability in bla setups that
> > a gateway into a common backbone network already has a fitting dat entry
> > to answer incoming ARP requests directly coming from the backbone
> > network thus further reducing ARP traffic in the mesh.
> > 
> > Signed-off-by: Andreas Pape <apape@phoenixcontact.com>
> > ---
> >  net/batman-adv/distributed-arp-table.c |   55
> > ++++++++++++++++++++++++++++++++ net/batman-adv/distributed-arp-table.h |  
> >  9 +++++-
> >  net/batman-adv/soft-interface.c        |    3 ++
> >  3 files changed, 66 insertions(+), 1 deletions(-)
> > 
> > diff --git a/net/batman-adv/distributed-arp-table.c
> > b/net/batman-adv/distributed-arp-table.c index b752f8d..998a4b8 100644
> > --- a/net/batman-adv/distributed-arp-table.c
> > +++ b/net/batman-adv/distributed-arp-table.c
> > @@ -27,6 +27,7 @@
> >  #include <linux/if_arp.h>
> >  #include <linux/if_ether.h>
> >  #include <linux/if_vlan.h>
> > +#include <linux/ip.h>
> >  #include <linux/in.h>
> >  #include <linux/jiffies.h>
> >  #include <linux/kernel.h>
> > @@ -362,6 +363,60 @@ out:
> >  		batadv_dat_entry_put(dat_entry);
> >  }
> > 
> > +/**
> > + * batadv_dat_entry_check - check and update a dat entry
> > + * @bat_priv: the bat priv with all the soft interface information
> > + * @skb: socket buffer
> > + * @vid: VLAN identifier
> > + *
> > + * snoops incoming socket buffer for dat cache updates, if dat is enabled.
> > + * Can be called from other modules.
> > + */
> > +void batadv_dat_entry_check(struct batadv_priv *bat_priv, struct sk_buff
> > *skb, +			    unsigned short vid)
> > +{
> > +	struct vlan_ethhdr *vhdr = NULL, tmp_vhdr;
> > +	struct ethhdr *ethhdr = NULL;
> > +	struct iphdr *iphdr = NULL, tmp_iphdr;
> > +
> > +	if (!atomic_read(&bat_priv->distributed_arp_table))
> > +		return;
> > +
> > +	ethhdr = eth_hdr(skb);
> > +
> > +	switch (ntohs(ethhdr->h_proto)) {
> > +	case ETH_P_IP:
> > +		iphdr = skb_header_pointer(skb, ETH_HLEN, sizeof(tmp_iphdr),
> > +					   &tmp_iphdr);
> > +		break;
> > +	case ETH_P_8021Q:
> > +		vhdr = skb_header_pointer(skb, 0, sizeof(tmp_vhdr),
> > +					  &tmp_vhdr);
> > +		if (!vhdr)
> > +			return;
> > +		if (ntohs(vhdr->h_vlan_encapsulated_proto) != ETH_P_IP)
> > +			return;
> > +		iphdr = skb_header_pointer(skb, sizeof(tmp_vhdr),
> > +					   sizeof(tmp_iphdr),
> > +					   &tmp_iphdr);
> > +		break;
> > +	}
> > +
> > +	if (!iphdr)
> > +		return;
> > +	/* don't add source address 0.0.0.0, which can occur during
> > +	 * dhcp discover or request.
> > +	 */
> > +	if (ntohl(iphdr->saddr) == 0)
> > +		return;
> > +
> > +	batadv_dbg(BATADV_DBG_DAT, bat_priv,
> > +		   "Snooped IP address: %pI4 %pM (vid: %d)\n",
> > +		   &iphdr->saddr, ethhdr->h_source,
> > +		   BATADV_PRINT_VID(vid));
> > +	batadv_dat_entry_add(bat_priv, iphdr->saddr, ethhdr->h_source, vid);
> > +}
> > +
> >  #ifdef CONFIG_BATMAN_ADV_DEBUG
> > 
> >  /**
> > diff --git a/net/batman-adv/distributed-arp-table.h
> > b/net/batman-adv/distributed-arp-table.h index 813ecea..cf1b93c 100644
> > --- a/net/batman-adv/distributed-arp-table.h
> > +++ b/net/batman-adv/distributed-arp-table.h
> > @@ -80,7 +80,8 @@ batadv_dat_init_own_addr(struct batadv_priv *bat_priv,
> >  int batadv_dat_init(struct batadv_priv *bat_priv);
> >  void batadv_dat_free(struct batadv_priv *bat_priv);
> >  int batadv_dat_cache_seq_print_text(struct seq_file *seq, void *offset);
> > -
> > +void batadv_dat_entry_check(struct batadv_priv *bat_priv, struct sk_buff
> > *skb, +			    unsigned short vid);
> >  /**
> >   * batadv_dat_inc_counter - increment the correct DAT packet counter
> >   * @bat_priv: the bat priv with all the soft interface information
> > @@ -173,6 +174,12 @@ static inline void batadv_dat_inc_counter(struct
> > batadv_priv *bat_priv, {
> >  }
> > 
> > +static inline
> > +void batadv_dat_entry_check(struct batadv_priv *bat_priv, struct sk_buff
> > *skb, +			    unsigned short vid)
> > +{
> > +}
> > +
> >  #endif /* CONFIG_BATMAN_ADV_DAT */
> > 
> >  #endif /* _NET_BATMAN_ADV_DISTRIBUTED_ARP_TABLE_H_ */
> > diff --git a/net/batman-adv/soft-interface.c
> > b/net/batman-adv/soft-interface.c index 81665b1..a86748f 100644
> > --- a/net/batman-adv/soft-interface.c
> > +++ b/net/batman-adv/soft-interface.c
> > @@ -442,6 +442,9 @@ void batadv_interface_rx(struct net_device *soft_iface,
> >  		goto dropped;
> >  	}
> > 
> > +	/* Snoop incoming traffic for dat update */
> > +	batadv_dat_entry_check(bat_priv, skb, vid);
> > +
> >  	/* skb->dev & skb->pkt_type are set here */
> >  	skb->protocol = eth_type_trans(skb, soft_iface);
> > 
> > --
> > 1.7.0.4
> > 
> > 
> > 
> > ..................................................................
> > PHOENIX CONTACT ELECTRONICS GmbH
> > 
> > Sitz der Gesellschaft / registered office of the company: 31812 Bad Pyrmont
> > USt-Id-Nr.: DE811742156
> > Amtsgericht Hannover HRB 100528 / district court Hannover HRB 100528
> > Geschäftsführer / Executive Board: Roland Bent, Dr. Martin Heubeck
> > ___________________________________________________________________
> > Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
> > Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail
> > irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und
> > vernichten Sie diese Mail. Das unerlaubte Kopieren, jegliche anderweitige
> > Verwendung sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet.
> > ---------------------------------------------------------------------------
> > ------------------------- This e-mail may contain confidential and/or
> > privileged information. If you are not the intended recipient (or have
> > received this e-mail in error) please notify the sender immediately and
> > destroy this e-mail. Any unauthorized copying, disclosure, distribution or
> > other use of the material or parts thereof is strictly forbidden.
> > ___________________________________________________________________

Re: [B.A.T.M.A.N.] [PATCH v5 2/6] batman-adv: speed up dat by snooping received ip traffic

[Sven Eckelmann]

[-- Attachment #1: Type: text/plain, Size: 535 bytes --]

On Dienstag, 19. Juli 2016 08:29:07 CEST Linus Lüssing wrote:
> What do you think about doing the same in batman-adv? That is,
> only updating, but not creating DAT cache entries from IP traffic.
> That should get rid of the main two concerns, accidentally
> snooping routed IP traffic and performance implications, shouldn't it?

You have to snoop the traffic anyway and search in the dat cache for each(?) 
packet. And the DAT cache is distributed. So why would it avoid the 
performance implications?

Kind regards,
	Sven

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: [B.A.T.M.A.N.] [PATCH v5 2/6] batman-adv: speed up dat by snooping received ip traffic

[Ruben Wisniewski]

What exactly is the target of it? Just refresh the timer for arp entries? Why don't just ask the kernel arp table if it knows something bout the mac-address?

Every change should be pushed through the network by ne node which detected a new client, don't it?

Best regards 

Ruben

> Am 19.07.2016 um 08:59 schrieb Sven Eckelmann <sven@narfation.org>:
> 
>> On Dienstag, 19. Juli 2016 08:29:07 CEST Linus Lüssing wrote:
>> What do you think about doing the same in batman-adv? That is,
>> only updating, but not creating DAT cache entries from IP traffic.
>> That should get rid of the main two concerns, accidentally
>> snooping routed IP traffic and performance implications, shouldn't it?
> 
> You have to snoop the traffic anyway and search in the dat cache for each(?) 
> packet. And the DAT cache is distributed. So why would it avoid the 
> performance implications?
> 
> Kind regards,
>    Sven

Re: [B.A.T.M.A.N.] [PATCH v5 2/6] batman-adv: speed up dat by snooping received ip traffic

[Linus Lüssing]

On Tue, Jul 19, 2016 at 08:59:01AM +0200, Sven Eckelmann wrote:
> On Dienstag, 19. Juli 2016 08:29:07 CEST Linus Lüssing wrote:
> > What do you think about doing the same in batman-adv? That is,
> > only updating, but not creating DAT cache entries from IP traffic.
> > That should get rid of the main two concerns, accidentally
> > snooping routed IP traffic and performance implications, shouldn't it?
> 
> You have to snoop the traffic anyway and search in the dat cache for each(?) 
> packet. And the DAT cache is distributed. So why would it avoid the 
> performance implications?

I was talking about the local DAT cache. Not the DHT. Antonio and
I were thinking about a ratelimited DHT_PUT, too, but he wanted to give
it some further thoughts. No DHT_GET involved.

Also, Andreas already took care that the snooping code only uses
stack and not heap memory. No pskb_may_pull, just
skb_head_pointer()s. So if we were removing the DAT entry
creation, then there'd be no more kmalloc()'s.

A hashmap lookup in the local DAT cache shouldn't be that costly either,
should it? (and we are doing one such lookup for the originator
and translation table each already anyway)

Regards, Linus

Re: [B.A.T.M.A.N.] [PATCH v5 2/6] batman-adv: speed up dat by snooping received ip traffic

[Linus Lüssing]

On Tue, Jul 19, 2016 at 09:06:38AM +0200, Ruben Wisniewski wrote:
> What exactly is the target of it? Just refresh the timer for arp entries? Why don't just ask the kernel arp table if it knows something bout the mac-address?

Yes, refreshing DAT cache entry timers more frequently was the
idea.

There usually is no entry in a host's ARP table if bridges are
involved, though. Which is the typical use-case with batman-adv.

Regards, Linus