From: Jakub Kicinski <kuba@kernel.org>
To: Lynne <dev@lynne.ee>
Cc: Florian Westphal <fw@strlen.de>, Netdev <netdev@vger.kernel.org>,
Kuniyu <kuniyu@amazon.com>,
Willemdebruijn Kernel <willemdebruijn.kernel@gmail.com>
Subject: Re: Regarding UDP-Lite deprecation and removal
Date: Thu, 21 Mar 2024 08:41:39 -0700 [thread overview]
Message-ID: <20240321084139.4dac7e74@kernel.org> (raw)
In-Reply-To: <NtHhf_6--3-9@lynne.ee>
On Mon, 18 Mar 2024 18:58:10 +0100 (CET) Lynne wrote:
> Mar 18, 2024, 14:18 by fw@strlen.de:
> > Lynne <dev@lynne.ee> wrote:
> >
> >> UDP-Lite was scheduled to be removed in 2025 in commit
> >> be28c14ac8bbe1ff due to a lack of real-world users, and
> >> a long-outstanding security bug being left undiscovered.
> >>
> >> I would like to open a discussion to perhaps either avoid this,
> >> or delay it, conditionally.
> >>
> >
> > Is there any evidence UDP-Lite works in practice?
FWIW I also vote to delete UDP-Lite unless we have real uses that show
benefit, preferably _in production_.
> > I am not aware of any HW that will peek into L3/L4 payload to figure out
> > that the 'udplite' payload should be passed up even though it has bad csum.
> >
> > So, AFAIU L2 FCS/CRC essentially renders entire 'partial csum' premise moot,
> > stack will never receive udplite frames that are damaged.
Plus FEC protection on top of FCS is increasingly common.
I presume someone did mathematical analysis that UDP Lite is sound,
but my engineering senses are tingling at the thought that we're
simultaneously saying that BER is high enough to want to process
damaged packets, and low enough for the internet csum to be
sufficiently strong.
The whole thing feels a little bit like an attempt to preserve
zero-checksum for IPv6. For HW which wants to spit out IP headers
followed by a block of raw unchecksummed data. I've done such things
in the past on an FPGA out of laziness. Nothing to do with receiving
actually damaged frames.
> > Did things change?
> >
>
> I do somehow get CRC errors past the Ethernet layer on consumer rtl cards,
> by default, with no ethtool changes, so maybe things did change.
Yes, but that's just the last hop. Is the entire network going
to disable L2 csums? Or are we just going to use the UDP-lite-
-abilities on the last hop?
> I haven't sacrificed a good cable yet to get a definitive proof.
> The cargo-culted way to be sure is to enable rx-all.
next prev parent reply other threads:[~2024-03-21 15:41 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-17 0:34 Regarding UDP-Lite deprecation and removal Lynne
2024-03-18 10:36 ` Paolo Abeni
2024-03-18 10:49 ` Denis Kirjanov
2024-03-18 14:10 ` Florian Westphal
2024-03-18 17:58 ` Lynne
2024-03-21 10:31 ` Paolo Abeni
2024-03-21 15:41 ` Jakub Kicinski [this message]
2024-03-21 8:29 ` Lynne
2024-03-21 11:43 ` Denis Kirjanov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240321084139.4dac7e74@kernel.org \
--to=kuba@kernel.org \
--cc=dev@lynne.ee \
--cc=fw@strlen.de \
--cc=kuniyu@amazon.com \
--cc=netdev@vger.kernel.org \
--cc=willemdebruijn.kernel@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).