From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B8BB6C43381 for ; Tue, 19 Feb 2019 09:21:31 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 8949621848 for ; Tue, 19 Feb 2019 09:21:31 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="key not found in DNS" (0-bit key) header.d=c0d3.blue header.i=@c0d3.blue header.b="PnuXhwoX" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727964AbfBSJVa (ORCPT ); Tue, 19 Feb 2019 04:21:30 -0500 Received: from mail.aperture-lab.de ([138.201.29.205]:43496 "EHLO mail.aperture-lab.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726695AbfBSJV3 (ORCPT ); Tue, 19 Feb 2019 04:21:29 -0500 Date: Tue, 19 Feb 2019 10:21:25 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=c0d3.blue; s=2018; t=1550568087; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=4Zi+FUXRDVZR22UMs1vreXsU4Q1SNFLfFgj4BQXsYDE=; b=PnuXhwoXiT4tmITPF7VMmr736qb6uUZcj4s7b1Qxx5UZvLHiKN/7xlGkirZ4rxISUUqJQD eOKmZK2nampBsL3lsg7mU1YyQik7KoehU6LD116m4jF+cz7Yn6tf6JqOUKe4faX6guZKM0 jFnhVNjyJsjbLLYFByB0gZTnqQnWOgqFUme6jlf+b2uFUl/8X1fR3s3lKm3UnO9csPqBor cP5laA/c0+kTfG7qPGzmRaGJ6KtXnFrHPq5O1TFJAUtvElwLsiuNIoQ7NpO2GEOLzvLr6x jbJy0Ganp9NPRvGc4+6ETxjgMnJE8dsr5ehq4x9Oq9qxxQFKrCJY4dwBDGQuug== From: Linus =?utf-8?Q?L=C3=BCssing?= To: Nikolay Aleksandrov Cc: bridge@lists.linux-foundation.org, netdev@vger.kernel.org, roopa@cumulusnetworks.com, f.fainelli@gmail.com, idosch@idosch.org Subject: Re: [Bridge] [RFC v2] net: bridge: don't flood known multicast traffic when snooping is enabled Message-ID: <20190219092125.GE10191@otheros> References: <20190215130427.29824-1-nikolay@cumulusnetworks.com> <20190218122107.10097-1-nikolay@cumulusnetworks.com> <20190219085716.GD10191@otheros> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20190219085716.GD10191@otheros> ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=c0d3.blue; s=2018; t=1550568087; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=4Zi+FUXRDVZR22UMs1vreXsU4Q1SNFLfFgj4BQXsYDE=; b=ct4Pv/kdWsISGAwxFMY1juREYKRU5NuzhOJafswF42IUzYBhyFdxb/JNJNlVIS2XAm9RCW sfuJjNk6CCBaao2xsWGmAShyzrdWKLrdNtaVohc8l/OJaQKO0vxvBrLvEFI4WlAHj2kQP7 /HRoFnXxEqCOmEgHtkgnGqG6jVLIAwTyt4Lat45GZQtcZ5YrDNQUP2EEg/f+HvR820mFzq XNVfhZ64Oft3qUs6ELdFAQYKcENM9lw4vHf3/4iUfBUD3iWV0OdRuXRrAFaZXDqYeyBr9L 3ECzUmZL3cxImw3l7AmRezEpoSkcF5cWi21yw/en/y+xXV1WMrRwkJN+r6O7XA== ARC-Seal: i=1; s=2018; d=c0d3.blue; t=1550568087; a=rsa-sha256; cv=none; b=Bgajcn1C3OpQwyvNW0Yq0k6aFE+YEK3KfESjungmV5W2KTEKeeiixEG2ootfGZaRC1bItd 67kPWLXvORg1mLzdqu6AcYgoi5PC5MWN+DKk3leg+R2QIjZcKTNpyNHwpXyEokmBskawvi k3qtJrXjwYS0QwqqSudfinWStHTfd7xxM5otlvonMrcLHYmFYTYhnOoaJCpHZsJwzQ0Cc3 87Sv0fo1+OriQe8Ck98jrHrHdjnc3Gp94IbSTp9vpAVeNsfFSzicUqul8XhbnHDLBRslHA lBbER115/ihgfhGswOWl11VlxGLE9ZApAGfs4K/ziKiaykqFSlxMeDFzf5ZJxQ== ARC-Authentication-Results: i=1; ORIGINATING; auth=pass smtp.auth=linus.luessing@c0d3.blue smtp.mailfrom=linus.luessing@c0d3.blue Authentication-Results: ORIGINATING; auth=pass smtp.auth=linus.luessing@c0d3.blue smtp.mailfrom=linus.luessing@c0d3.blue Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On Tue, Feb 19, 2019 at 09:57:16AM +0100, Linus Lüssing wrote: > On Mon, Feb 18, 2019 at 02:21:07PM +0200, Nikolay Aleksandrov wrote: > > This is v2 of the RFC patch which aims to forward packets to known > > mdsts' ports only (the no querier case). After v1 I've kept > > the previous behaviour when it comes to unregistered traffic or when > > a querier is present. All of this is of course only with snooping > > enabled. So with this patch the following changes should occur: > > - No querier: forward known mdst traffic to its registered ports, > > no change about unknown mcast (flood) > > - Querier present: no change > > > > The reason to do this is simple - we want to respect the user's mdb > > configuration in both cases, that is if the user adds static mdb entries > > manually then we should use that information about forwarding traffic. > > > > What do you think ? > > > > * Notes > > Traffic that is currently marked as mrouters_only: > > - IPv4: non-local mcast traffic, igmp reports > > - IPv6: non-all-nodes-dst mcast traffic, mldv1 reports > > > > Simple use case: > > $ echo 1 > /sys/class/net/bridge/bridge/multicast_snooping > > $ bridge mdb add dev bridge port swp1 grp 239.0.0.1 > > - without a querier currently traffic for 239.0.0.1 will still be flooded, > > with this change it will be forwarded only to swp1 > > There is still the issue with unsolicited reports adding mdst > entries here, too. Leading to unwanted packet loss and connectivity issues. Or in other words, an unsolicited report will turn a previously unregistered multicast group into a registered one. However in the absence of a querier the knowledge about this newly registered multicast group will be incomplete. And therefore still needs to be flooded to avoid packet loss.