From: Florian Fainelli <f.fainelli@gmail.com>
To: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>,
netdev@vger.kernel.org
Cc: roopa@cumulusnetworks.com, wkok@cumulusnetworks.com,
anuradhak@cumulusnetworks.com, bridge@lists.linux-foundation.org,
linus.luessing@c0d3.blue, davem@davemloft.net,
stephen@networkplumber.org
Subject: Re: [PATCH RFC] net: bridge: don't flood known multicast traffic when snooping is enabled
Date: Sat, 16 Feb 2019 19:05:10 -0800 [thread overview]
Message-ID: <2bb7baaa-affb-451c-658d-bc5412a14c31@gmail.com> (raw)
In-Reply-To: <20190215130427.29824-1-nikolay@cumulusnetworks.com>
On 2/15/2019 5:04 AM, Nikolay Aleksandrov wrote:
> The behaviour since b00589af3b04 ("bridge: disable snooping if there is
> no querier") is wrong, we shouldn't be flooding multicast traffic when
> there is an mdb entry and we know where it should be forwarded to when
> multicast snooping is enabled. This patch changes the behaviour to not
> flood known unicast traffic.
You mean multicast traffic in the last part of the sentence, right?
> I'll give two obviously broken cases:
> - most obvious: static mdb created by the user with snooping enabled
> - user-space daemon controlling the mdb table (e.g. MLAG)
>
> Every user would expect to have traffic forwarded only to the configured
> mdb destination when snooping is enabled, instead now to get that one
> needs to enable both snooping and querier. Enabling querier on all
> switches could be problematic and is not a good solution, for example
> as summarized by our multicast experts:
> "every switch would send an IGMP query for any random multicast traffic it
> received across the entire domain and it would send it forever as long as a
> host exists wanting that stream even if it has no downstream/directly
> connected receivers"
>
> Sending as an RFC to get the discussion going, but I'm strongly for
> removing this behaviour and would like to send this patch officially.
>
> We could make this behaviour possible via a knob if necessary, but
> it really should not be the default.
>
> Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
> ---
> net/bridge/br_device.c | 3 +--
> net/bridge/br_input.c | 3 +--
> 2 files changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c
> index 013323b6dbe4..2aa8a6509924 100644
> --- a/net/bridge/br_device.c
> +++ b/net/bridge/br_device.c
> @@ -96,8 +96,7 @@ netdev_tx_t br_dev_xmit(struct sk_buff *skb, struct net_device *dev)
> }
>
> mdst = br_mdb_get(br, skb, vid);
> - if ((mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb)) &&
> - br_multicast_querier_exists(br, eth_hdr(skb)))
> + if (mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb))
> br_multicast_flood(mdst, skb, false, true);
> else
> br_flood(br, skb, BR_PKT_MULTICAST, false, true);
> diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c
> index 5ea7e56119c1..aae78095cf67 100644
> --- a/net/bridge/br_input.c
> +++ b/net/bridge/br_input.c
> @@ -136,8 +136,7 @@ int br_handle_frame_finish(struct net *net, struct sock *sk, struct sk_buff *skb
> switch (pkt_type) {
> case BR_PKT_MULTICAST:
> mdst = br_mdb_get(br, skb, vid);
> - if ((mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb)) &&
> - br_multicast_querier_exists(br, eth_hdr(skb))) {
> + if (mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb)) {
> if ((mdst && mdst->host_joined) ||
> br_multicast_is_router(br)) {
> local_rcv = true;
>
--
Florian
WARNING: multiple messages have this Message-ID (diff)
From: Florian Fainelli <f.fainelli@gmail.com>
To: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>,
netdev@vger.kernel.org
Cc: roopa@cumulusnetworks.com, bridge@lists.linux-foundation.org,
wkok@cumulusnetworks.com, anuradhak@cumulusnetworks.com,
davem@davemloft.net
Subject: Re: [Bridge] [PATCH RFC] net: bridge: don't flood known multicast traffic when snooping is enabled
Date: Sat, 16 Feb 2019 19:05:10 -0800 [thread overview]
Message-ID: <2bb7baaa-affb-451c-658d-bc5412a14c31@gmail.com> (raw)
In-Reply-To: <20190215130427.29824-1-nikolay@cumulusnetworks.com>
On 2/15/2019 5:04 AM, Nikolay Aleksandrov wrote:
> The behaviour since b00589af3b04 ("bridge: disable snooping if there is
> no querier") is wrong, we shouldn't be flooding multicast traffic when
> there is an mdb entry and we know where it should be forwarded to when
> multicast snooping is enabled. This patch changes the behaviour to not
> flood known unicast traffic.
You mean multicast traffic in the last part of the sentence, right?
> I'll give two obviously broken cases:
> - most obvious: static mdb created by the user with snooping enabled
> - user-space daemon controlling the mdb table (e.g. MLAG)
>
> Every user would expect to have traffic forwarded only to the configured
> mdb destination when snooping is enabled, instead now to get that one
> needs to enable both snooping and querier. Enabling querier on all
> switches could be problematic and is not a good solution, for example
> as summarized by our multicast experts:
> "every switch would send an IGMP query for any random multicast traffic it
> received across the entire domain and it would send it forever as long as a
> host exists wanting that stream even if it has no downstream/directly
> connected receivers"
>
> Sending as an RFC to get the discussion going, but I'm strongly for
> removing this behaviour and would like to send this patch officially.
>
> We could make this behaviour possible via a knob if necessary, but
> it really should not be the default.
>
> Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
> ---
> net/bridge/br_device.c | 3 +--
> net/bridge/br_input.c | 3 +--
> 2 files changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c
> index 013323b6dbe4..2aa8a6509924 100644
> --- a/net/bridge/br_device.c
> +++ b/net/bridge/br_device.c
> @@ -96,8 +96,7 @@ netdev_tx_t br_dev_xmit(struct sk_buff *skb, struct net_device *dev)
> }
>
> mdst = br_mdb_get(br, skb, vid);
> - if ((mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb)) &&
> - br_multicast_querier_exists(br, eth_hdr(skb)))
> + if (mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb))
> br_multicast_flood(mdst, skb, false, true);
> else
> br_flood(br, skb, BR_PKT_MULTICAST, false, true);
> diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c
> index 5ea7e56119c1..aae78095cf67 100644
> --- a/net/bridge/br_input.c
> +++ b/net/bridge/br_input.c
> @@ -136,8 +136,7 @@ int br_handle_frame_finish(struct net *net, struct sock *sk, struct sk_buff *skb
> switch (pkt_type) {
> case BR_PKT_MULTICAST:
> mdst = br_mdb_get(br, skb, vid);
> - if ((mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb)) &&
> - br_multicast_querier_exists(br, eth_hdr(skb))) {
> + if (mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb)) {
> if ((mdst && mdst->host_joined) ||
> br_multicast_is_router(br)) {
> local_rcv = true;
>
--
Florian
next prev parent reply other threads:[~2019-02-17 3:05 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-15 13:04 [PATCH RFC] net: bridge: don't flood known multicast traffic when snooping is enabled Nikolay Aleksandrov
2019-02-15 13:04 ` [Bridge] " Nikolay Aleksandrov
2019-02-15 13:09 ` Nikolay Aleksandrov
2019-02-15 13:09 ` [Bridge] " Nikolay Aleksandrov
2019-02-15 13:53 ` Ido Schimmel
2019-02-15 13:53 ` [Bridge] " Ido Schimmel
2019-02-15 17:13 ` Linus Lüssing
2019-02-15 17:13 ` [Bridge] " Linus Lüssing
2019-02-16 8:05 ` Nikolay Aleksandrov
2019-02-16 8:05 ` [Bridge] " Nikolay Aleksandrov
2019-02-16 8:35 ` Nikolay Aleksandrov
2019-02-16 8:35 ` [Bridge] " Nikolay Aleksandrov
2019-02-16 20:04 ` Linus Lüssing
2019-02-16 20:04 ` [Bridge] " Linus Lüssing
2019-02-16 18:43 ` Ido Schimmel
2019-02-16 18:43 ` [Bridge] " Ido Schimmel
2019-02-16 19:15 ` nikolay
2019-02-16 19:15 ` [Bridge] " nikolay
2019-02-16 19:27 ` nikolay
2019-02-16 19:27 ` [Bridge] " nikolay
2019-02-16 20:37 ` Linus Lüssing
2019-02-16 20:37 ` [Bridge] " Linus Lüssing
2019-02-17 3:05 ` Florian Fainelli [this message]
2019-02-17 3:05 ` Florian Fainelli
2019-02-17 10:58 ` Nikolay Aleksandrov
2019-02-17 10:58 ` [Bridge] " Nikolay Aleksandrov
2019-02-18 2:15 ` [net] 5c261115ce: hwsim.ap_vlan_without_station.fail kernel test robot
2019-02-18 2:15 ` [Bridge] [LKP] " kernel test robot
2019-02-18 12:21 ` [RFC v2] net: bridge: don't flood known multicast traffic when snooping is enabled Nikolay Aleksandrov
2019-02-18 12:21 ` [Bridge] " Nikolay Aleksandrov
2019-02-19 8:53 ` Ido Schimmel
2019-02-19 8:53 ` [Bridge] " Ido Schimmel
2019-02-19 8:57 ` Linus Lüssing
2019-02-19 8:57 ` [Bridge] " Linus Lüssing
2019-02-19 9:21 ` Linus Lüssing
2019-02-19 9:21 ` Linus Lüssing
2019-02-19 13:31 ` Nikolay Aleksandrov
2019-02-19 13:31 ` Nikolay Aleksandrov
2019-02-19 15:42 ` Linus Lüssing
2019-02-19 15:42 ` Linus Lüssing
2019-02-19 17:26 ` Nikolay Aleksandrov
2019-02-19 17:26 ` Nikolay Aleksandrov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2bb7baaa-affb-451c-658d-bc5412a14c31@gmail.com \
--to=f.fainelli@gmail.com \
--cc=anuradhak@cumulusnetworks.com \
--cc=bridge@lists.linux-foundation.org \
--cc=davem@davemloft.net \
--cc=linus.luessing@c0d3.blue \
--cc=netdev@vger.kernel.org \
--cc=nikolay@cumulusnetworks.com \
--cc=roopa@cumulusnetworks.com \
--cc=stephen@networkplumber.org \
--cc=wkok@cumulusnetworks.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.