From: Hangbin Liu <liuhangbin@gmail.com>
To: netdev@vger.kernel.org
Cc: Julian Anastasov <ja@ssi.bg>,
Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>,
David Ahern <dsahern@gmail.com>,
Eric Dumazet <edumazet@google.com>,
Guillaume Nault <gnault@redhat.com>,
David Miller <davem@davemloft.net>,
Pablo Neira <pablo@netfilter.org>,
Stephen Hemminger <stephen@networkplumber.org>,
Alexey Kodanev <alexey.kodanev@oracle.com>,
Hangbin Liu <liuhangbin@gmail.com>
Subject: [PATCHv5 net 0/8] disable neigh update for tunnels during pmtu update
Date: Sun, 22 Dec 2019 10:51:08 +0800 [thread overview]
Message-ID: <20191222025116.2897-1-liuhangbin@gmail.com> (raw)
In-Reply-To: <20191220032525.26909-1-liuhangbin@gmail.com>
When we setup a pair of gretap, ping each other and create neighbour cache.
Then delete and recreate one side. We will never be able to ping6 to the new
created gretap.
The reason is when we ping6 remote via gretap, we will call like
gre_tap_xmit()
- ip_tunnel_xmit()
- tnl_update_pmtu()
- skb_dst_update_pmtu()
- ip6_rt_update_pmtu()
- __ip6_rt_update_pmtu()
- dst_confirm_neigh()
- ip6_confirm_neigh()
- __ipv6_confirm_neigh()
- n->confirmed = now
As the confirmed time updated, in neigh_timer_handler() the check for
NUD_DELAY confirm time will pass and the neigh state will back to
NUD_REACHABLE. So the old/wrong mac address will be used again.
If we do not update the confirmed time, the neigh state will go to
neigh->nud_state = NUD_PROBE; then go to NUD_FAILED and re-create the
neigh later, which is what IPv4 does.
We couldn't remove the ip6_confirm_neigh() directly as we still need it
for TCP flows. To fix it, we have to pass a bool parameter to
dst_ops.update_pmtu() and only disable neighbor update for tunnels.
v5: No code change, upate some commits description
v4: No code change, upate some commits description
v3: Do not remove dst_confirm_neigh, but add a new bool parameter in
dst_ops.update_pmtu to control whether we should do neighbor confirm.
Also split the big patch to small ones for each area.
v2: Remove dst_confirm_neigh in __ip6_rt_update_pmtu.
---
Reproducer:
#!/bin/bash
set -x
ip -a netns del
modprobe -r veth
modprobe -r bridge
ip netns add ha
ip netns add hb
ip link add br0 type bridge
ip link set br0 up
ip link add br_ha type veth peer name veth0 netns ha
ip link add br_hb type veth peer name veth0 netns hb
ip link set br_ha up
ip link set br_hb up
ip link set br_ha master br0
ip link set br_hb master br0
ip netns exec ha ip link set veth0 up
ip netns exec hb ip link set veth0 up
ip netns exec ha ip addr add 192.168.0.1/24 dev veth0
ip netns exec hb ip addr add 192.168.0.2/24 dev veth0
ip netns exec ha ip link add gretap1 type gretap local 192.168.0.1 remote 192.168.0.2
ip netns exec ha ip link set gretap1 up
ip netns exec ha ip addr add 1.1.1.1/24 dev gretap1
ip netns exec ha ip addr add 1111::1/64 dev gretap1
ip netns exec hb ip link add gretap1 type gretap local 192.168.0.2 remote 192.168.0.1
ip netns exec hb ip link set gretap1 up
ip netns exec hb ip addr add 1.1.1.2/24 dev gretap1
ip netns exec hb ip addr add 1111::2/64 dev gretap1
ip netns exec ha ping 1.1.1.2 -c 4
ip netns exec ha ping6 1111::2 -c 4
sleep 30
# recreate gretap
ip netns exec hb ip link del gretap1
ip netns exec hb ip link add gretap1 type gretap local 192.168.0.2 remote 192.168.0.1
ip netns exec hb ip link set gretap1 up
ip netns exec hb ip addr add 1.1.1.2/24 dev gretap1
ip netns exec hb ip addr add 1111::2/64 dev gretap1
ip netns exec hb ip link show dev gretap1
ip netns exec ha ip neigh show dev gretap1
ip netns exec ha ping 1.1.1.2 -c 4
ip netns exec ha ping6 1111::2 -c 4
ip netns exec ha ip neigh show dev gretap1
sleep 10
ip netns exec ha ip neigh show dev gretap1
ip netns exec ha ping 1.1.1.2 -c 4
ip netns exec ha ping6 1111::2 -c 4
ip netns exec ha ip neigh show dev gretap1
---
Hangbin Liu (8):
net: add bool confirm_neigh parameter for dst_ops.update_pmtu
ip6_gre: do not confirm neighbor when do pmtu update
gtp: do not confirm neighbor when do pmtu update
net/dst: add new function skb_dst_update_pmtu_no_confirm
tunnel: do not confirm neighbor when do pmtu update
vti: do not confirm neighbor when do pmtu update
sit: do not confirm neighbor when do pmtu update
net/dst: do not confirm neighbor for vxlan and geneve pmtu update
drivers/net/gtp.c | 2 +-
include/net/dst.h | 13 +++++++++++--
include/net/dst_ops.h | 3 ++-
net/bridge/br_nf_core.c | 3 ++-
net/decnet/dn_route.c | 6 ++++--
net/ipv4/inet_connection_sock.c | 2 +-
net/ipv4/ip_tunnel.c | 2 +-
net/ipv4/ip_vti.c | 2 +-
net/ipv4/route.c | 9 ++++++---
net/ipv4/xfrm4_policy.c | 5 +++--
net/ipv6/inet6_connection_sock.c | 2 +-
net/ipv6/ip6_gre.c | 2 +-
net/ipv6/ip6_tunnel.c | 4 ++--
net/ipv6/ip6_vti.c | 2 +-
net/ipv6/route.c | 22 +++++++++++++++-------
net/ipv6/sit.c | 2 +-
net/ipv6/xfrm6_policy.c | 5 +++--
net/netfilter/ipvs/ip_vs_xmit.c | 2 +-
net/sctp/transport.c | 2 +-
19 files changed, 58 insertions(+), 32 deletions(-)
--
2.19.2
next prev parent reply other threads:[~2019-12-22 2:51 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-22 6:19 [PATCH net] ipv6/route: only update neigh confirm time if pmtu changed Hangbin Liu
2019-11-22 18:04 ` David Miller
2019-11-26 9:17 ` Hangbin Liu
2019-12-03 2:11 ` [PATCHv2 net] ipv6/route: should not update neigh confirm time during PMTU update Hangbin Liu
2019-12-03 2:47 ` David Miller
2019-12-03 10:15 ` Hangbin Liu
2019-12-03 10:25 ` Hangbin Liu
2019-12-03 19:58 ` David Miller
2019-12-10 3:36 ` Hangbin Liu
2019-12-10 17:00 ` Guillaume Nault
2019-12-18 11:53 ` [PATCH net-next 0/8] disable neigh update for tunnels during pmtu update Hangbin Liu
2019-12-18 11:53 ` [PATCH net-next 1/8] net: add bool confirm_neigh parameter for dst_ops.update_pmtu Hangbin Liu
2019-12-18 11:53 ` [PATCH net-next 2/8] ip6_gre: do not confirm neighbor when do pmtu update Hangbin Liu
2019-12-18 11:53 ` [PATCH net-next 3/8] gtp: " Hangbin Liu
2019-12-18 11:53 ` [PATCH net-next 4/8] net/dst: add new function skb_dst_update_pmtu_no_confirm Hangbin Liu
2019-12-18 11:53 ` [PATCH net-next 5/8] tunnel: do not confirm neighbor when do pmtu update Hangbin Liu
2019-12-19 17:47 ` Guillaume Nault
2019-12-20 2:36 ` Hangbin Liu
2019-12-18 11:53 ` [PATCH net-next 6/8] vti: " Hangbin Liu
2019-12-18 11:53 ` [PATCH net-next 7/8] sit: " Hangbin Liu
2019-12-18 11:53 ` [PATCH net-next 8/8] net/dst: do not confirm neighbor for vxlan and geneve " Hangbin Liu
2019-12-19 17:49 ` Guillaume Nault
2019-12-18 12:01 ` [PATCH net-next 0/8] disable neigh update for tunnels during " Hangbin Liu
2019-12-19 17:57 ` Guillaume Nault
2019-12-20 2:48 ` Hangbin Liu
2019-12-19 17:53 ` Guillaume Nault
2019-12-20 3:25 ` [PATCHv4 net " Hangbin Liu
2019-12-20 3:25 ` [PATCHv4 net 1/8] net: add bool confirm_neigh parameter for dst_ops.update_pmtu Hangbin Liu
2019-12-20 3:25 ` [PATCHv4 net 2/8] ip6_gre: do not confirm neighbor when do pmtu update Hangbin Liu
2019-12-20 3:25 ` [PATCHv4 net 3/8] gtp: " Hangbin Liu
2019-12-21 18:35 ` Guillaume Nault
2019-12-20 3:25 ` [PATCHv4 net 4/8] net/dst: add new function skb_dst_update_pmtu_no_confirm Hangbin Liu
2019-12-20 3:25 ` [PATCHv4 net 5/8] tunnel: do not confirm neighbor when do pmtu update Hangbin Liu
2019-12-21 18:43 ` Guillaume Nault
2019-12-20 3:25 ` [PATCHv4 net 6/8] vti: " Hangbin Liu
2019-12-21 18:30 ` Guillaume Nault
2019-12-20 3:25 ` [PATCHv4 net 7/8] sit: " Hangbin Liu
2019-12-20 3:25 ` [PATCHv4 net 8/8] net/dst: do not confirm neighbor for vxlan and geneve " Hangbin Liu
2019-12-21 18:38 ` Guillaume Nault
2019-12-20 16:14 ` [PATCHv4 net 0/8] disable neigh update for tunnels during " David Ahern
2019-12-22 2:51 ` Hangbin Liu [this message]
2019-12-22 2:51 ` [PATCHv5 net 1/8] net: add bool confirm_neigh parameter for dst_ops.update_pmtu Hangbin Liu
2019-12-22 2:51 ` [PATCHv5 net 2/8] ip6_gre: do not confirm neighbor when do pmtu update Hangbin Liu
2019-12-22 2:51 ` [PATCHv5 net 3/8] gtp: " Hangbin Liu
2019-12-22 2:51 ` [PATCHv5 net 4/8] net/dst: add new function skb_dst_update_pmtu_no_confirm Hangbin Liu
2019-12-22 2:51 ` [PATCHv5 net 5/8] tunnel: do not confirm neighbor when do pmtu update Hangbin Liu
2019-12-22 2:51 ` [PATCHv5 net 6/8] vti: " Hangbin Liu
2019-12-22 2:51 ` [PATCHv5 net 7/8] sit: " Hangbin Liu
2019-12-22 2:51 ` [PATCHv5 net 8/8] net/dst: do not confirm neighbor for vxlan and geneve " Hangbin Liu
2019-12-22 22:10 ` [PATCHv5 net 0/8] disable neigh update for tunnels during " Guillaume Nault
2019-12-25 6:30 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191222025116.2897-1-liuhangbin@gmail.com \
--to=liuhangbin@gmail.com \
--cc=alexey.kodanev@oracle.com \
--cc=davem@davemloft.net \
--cc=dsahern@gmail.com \
--cc=edumazet@google.com \
--cc=gnault@redhat.com \
--cc=ja@ssi.bg \
--cc=marcelo.leitner@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=stephen@networkplumber.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.