From: Thomas Graf <tgraf@suug.ch>
To: Neil Horman <nhorman@tuxdriver.com>
Cc: Jamal Hadi Salim <jhs@mojatatu.com>,
Jiri Pirko <jiri@resnulli.us>,
Florian Fainelli <f.fainelli@gmail.com>,
netdev <netdev@vger.kernel.org>,
David Miller <davem@davemloft.net>,
andy@greyhouse.net, dborkman@redhat.com, ogerlitz@mellanox.com,
jesse@nicira.com, pshelar@nicira.com, azhou@nicira.com,
Ben Hutchings <ben@decadent.org.uk>,
Stephen Hemminger <stephen@networkplumber.org>,
jeffrey.t.kirsher@intel.com, vyasevic <vyasevic@redhat.com>,
Cong Wang <xiyou.wangcong@gmail.com>,
John Fastabend <john.r.fastabend@intel.com>,
Eric Dumazet <edumazet@google.com>,
Scott Feldman <sfeldma@cumulusnetworks.com>,
Lennert Buytenhek <buytenh@wantstofly.org>
Subject: Re: [patch net-next RFC 0/4] introduce infrastructure for support of switch chip datapath
Date: Wed, 26 Mar 2014 11:29:03 +0000 [thread overview]
Message-ID: <20140326112903.GG15723@casper.infradead.org> (raw)
In-Reply-To: <20140326111031.GB31370@hmsreliant.think-freely.org>
On 03/26/14 at 07:10am, Neil Horman wrote:
> But by creating net_devices that are registered in the current fashion we
> implicitly agree to levels of functionality that are assumed to be available and
> as such are not within the purview of a net_device to reject. E.g. it is
> assumed that a netdevice can filter frames using iptables/ebtables, limit
> traffic using tc, etc.
I think this is the point where we disagree. We already have several
devices that hook into the rx handler and never have their packets
pass through either iptables or ebtables. Better examples of this are
macvtap or OVS.
What should happen is that these devices are given a chance to implement
the ACL in their own flow table. If no such facility exists, the rule
insertion should fall back to software mode if that is possible (an
OF capable switching chip could insert a 'upcall' flow), or as
a last resort return an error to indicate EOPNOTSUPP.
> And if a switch fabric is short cutting traffic so that
> the cpu doesn't see them, those bits of functionality won't work. I agree we
> can likely work around that with richer feature capabilities, but such an
> infrastructure would both require extensive kernel changes to fully cover the
> set of existing features at a sufficient granularity, and require user space
> changes to grok the feature set of a given device. Not saying its impossibible
> or even undesireable mind you, just thats its not any less invasive than what
> I'm proposing.
What I don't understand at this point is how hiding the ports behind
a master device would buy us anything. We would still need to abstract
the filtering capabilities of the ports at some level and hiding that
behind existing tools seems to most convenient way.
next prev parent reply other threads:[~2014-03-26 11:29 UTC|newest]
Thread overview: 125+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-19 15:33 [patch net-next RFC 0/4] introduce infrastructure for support of switch chip datapath Jiri Pirko
2014-03-19 15:33 ` [patch net-next RFC 1/4] openvswitch: split flow structures into ovs specific and generic ones Jiri Pirko
2014-03-20 13:04 ` Thomas Graf
2014-03-19 15:33 ` [patch net-next RFC 2/4] net: introduce switchdev API Jiri Pirko
2014-03-20 13:59 ` Thomas Graf
2014-03-20 14:18 ` Jiri Pirko
2014-03-20 14:43 ` Nikolay Aleksandrov
2014-03-20 15:42 ` Jiri Pirko
2014-03-19 15:33 ` [patch net-next RFC 3/4] openvswitch: Introduce support for switchdev based datapath Jiri Pirko
2014-03-19 15:33 ` [patch net-next RFC 4/4] net: introduce dummy switch Jiri Pirko
2014-03-20 11:49 ` [patch net-next RFC 0/4] introduce infrastructure for support of switch chip datapath Jamal Hadi Salim
2014-03-20 12:40 ` Jiri Pirko
2014-03-20 17:21 ` Florian Fainelli
2014-03-21 12:04 ` Jamal Hadi Salim
2014-03-22 9:48 ` Jiri Pirko
2014-03-24 23:07 ` Jamal Hadi Salim
2014-03-25 17:39 ` Neil Horman
2014-03-25 18:00 ` Thomas Graf
2014-03-25 19:35 ` Neil Horman
2014-03-25 20:11 ` Florian Fainelli
2014-03-25 20:31 ` Neil Horman
2014-03-25 21:22 ` Jamal Hadi Salim
2014-03-25 21:26 ` Thomas Graf
2014-03-25 21:42 ` Florian Fainelli
2014-03-25 21:54 ` Thomas Graf
2014-03-26 10:55 ` Neil Horman
2014-03-26 5:37 ` Roopa Prabhu
2014-03-26 10:54 ` Jamal Hadi Salim
2014-03-26 15:31 ` John W. Linville
2014-03-26 16:54 ` Roopa Prabhu
2014-03-26 16:59 ` Jiri Pirko
2014-03-26 17:29 ` Florian Fainelli
2014-03-26 17:35 ` Jiri Pirko
2014-03-26 17:58 ` Florian Fainelli
2014-03-26 18:14 ` Jiri Pirko
2014-03-26 18:29 ` Hannes Frederic Sowa
2014-03-26 18:30 ` Florian Fainelli
2014-03-26 21:51 ` Jamal Hadi Salim
2014-03-26 22:22 ` Florian Fainelli
2014-03-26 22:53 ` Jamal Hadi Salim
2014-03-26 23:16 ` Florian Fainelli
2014-03-27 6:56 ` Jiri Pirko
2014-03-27 10:39 ` Jamal Hadi Salim
2014-03-27 10:50 ` Jiri Pirko
2014-03-27 11:12 ` Jamal Hadi Salim
2014-03-27 11:16 ` Jiri Pirko
2014-03-27 14:10 ` Sergey Ryazanov
2014-03-27 16:41 ` Florian Fainelli
2014-03-27 16:57 ` Jiri Pirko
2014-03-27 16:59 ` Thomas Graf
2014-03-27 20:32 ` Sergey Ryazanov
2014-03-27 21:20 ` Florian Fainelli
2014-03-27 21:55 ` Jamal Hadi Salim
2014-03-28 6:28 ` Jiri Pirko
2014-03-30 12:08 ` Alon Harel
2014-03-27 21:41 ` Jamal Hadi Salim
2014-03-27 16:55 ` Jiri Pirko
2014-03-27 19:58 ` Sergey Ryazanov
2014-03-27 20:01 ` Florian Fainelli
2014-03-27 20:04 ` Sergey Ryazanov
2014-03-27 21:47 ` Jamal Hadi Salim
2014-03-27 21:54 ` Florian Fainelli
2014-03-27 21:59 ` Jamal Hadi Salim
2014-03-27 22:19 ` Florian Fainelli
2014-03-27 23:42 ` Thomas Graf
2014-03-27 23:46 ` Florian Fainelli
2014-03-26 17:57 ` Roopa Prabhu
2014-03-26 18:09 ` Florian Fainelli
2014-03-27 13:46 ` John W. Linville
2014-03-26 17:47 ` Roopa Prabhu
2014-03-26 18:03 ` Jiri Pirko
2014-03-26 21:27 ` Roopa Prabhu
2014-03-26 21:31 ` Jiri Pirko
2014-03-27 15:35 ` Roopa Prabhu
2014-03-27 16:10 ` Jiri Pirko
2014-04-01 19:13 ` Scott Feldman
2014-04-02 6:41 ` Jiri Pirko
2014-04-02 15:37 ` Scott Feldman
2014-04-02 14:32 ` Andy Gospodarek
2014-04-02 15:25 ` John W. Linville
2014-04-02 16:15 ` Scott Feldman
2014-04-02 16:47 ` Florian Fainelli
2014-04-02 21:52 ` Thomas Graf
2014-04-02 19:29 ` John W. Linville
2014-04-02 19:54 ` Scott Feldman
2014-04-02 20:06 ` John W. Linville
2014-04-02 20:04 ` Stephen Hemminger
2014-04-02 20:23 ` Jiri Pirko
2014-04-02 20:38 ` John W. Linville
2014-04-02 21:36 ` Thomas Graf
2014-03-25 20:56 ` Jamal Hadi Salim
2014-03-25 21:19 ` Thomas Graf
2014-03-25 21:24 ` Jamal Hadi Salim
2014-03-26 7:21 ` Jiri Pirko
2014-03-26 11:00 ` Jamal Hadi Salim
2014-03-26 11:06 ` Jamal Hadi Salim
2014-03-26 11:31 ` Jamal Hadi Salim
2014-03-26 13:20 ` Jiri Pirko
2014-03-26 13:23 ` Jamal Hadi Salim
2014-03-26 13:17 ` Jiri Pirko
2014-03-26 11:10 ` Neil Horman
2014-03-26 11:29 ` Thomas Graf [this message]
2014-03-26 12:58 ` Jamal Hadi Salim
2014-03-26 15:22 ` John W. Linville
2014-03-26 21:36 ` Jamal Hadi Salim
2014-03-26 18:21 ` Neil Horman
2014-03-26 19:11 ` Florian Fainelli
2014-03-26 22:44 ` Jamal Hadi Salim
2014-03-26 23:15 ` Thomas Graf
2014-03-26 23:21 ` Florian Fainelli
2014-03-27 15:26 ` Neil Horman
2014-03-27 21:33 ` Jamal Hadi Salim
2014-03-26 19:24 ` Hannes Frederic Sowa
2014-03-27 13:43 ` John W. Linville
2014-03-26 12:19 ` Jamal Hadi Salim
2014-03-26 15:27 ` John W. Linville
2014-03-25 18:33 ` Florian Fainelli
2014-03-25 19:40 ` Neil Horman
2014-03-25 20:00 ` Florian Fainelli
2014-03-25 21:39 ` tgraf
2014-03-25 22:08 ` Jamal Hadi Salim
2014-03-26 5:48 ` Roopa Prabhu
2014-03-25 20:46 ` Jamal Hadi Salim
2014-03-26 7:24 ` Jiri Pirko
2014-03-22 9:40 ` Jiri Pirko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140326112903.GG15723@casper.infradead.org \
--to=tgraf@suug.ch \
--cc=andy@greyhouse.net \
--cc=azhou@nicira.com \
--cc=ben@decadent.org.uk \
--cc=buytenh@wantstofly.org \
--cc=davem@davemloft.net \
--cc=dborkman@redhat.com \
--cc=edumazet@google.com \
--cc=f.fainelli@gmail.com \
--cc=jeffrey.t.kirsher@intel.com \
--cc=jesse@nicira.com \
--cc=jhs@mojatatu.com \
--cc=jiri@resnulli.us \
--cc=john.r.fastabend@intel.com \
--cc=netdev@vger.kernel.org \
--cc=nhorman@tuxdriver.com \
--cc=ogerlitz@mellanox.com \
--cc=pshelar@nicira.com \
--cc=sfeldma@cumulusnetworks.com \
--cc=stephen@networkplumber.org \
--cc=vyasevic@redhat.com \
--cc=xiyou.wangcong@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.