Re: [Bridge] Multicast packets being lost (3.10 stable)

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Linus Lüssing" <linus.luessing@c0d3.blue>
To: David Miller <davem@davemloft.net>
Cc: Stephen Hemminger <shemming@brocade.com>,
	netdev@vger.kernel.org, bridge@lists.linux-foundation.org,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	openwrt-devel@lists.openwrt.org,
	David Miller <davem@davemloft.net>
Subject: Re: [Bridge] Multicast packets being lost (3.10 stable)
Date: Wed, 10 Dec 2014 20:16:33 +0100	[thread overview]
Message-ID: <20141210191633.GA2473@odroid> (raw)
In-Reply-To: <20140910133341.GI7058@odroid>

Hi David,

did you have a chance to look into backporting these fixes for
stable yet? (if I read the docs correctly, I should query you for
suggestions for stable kernels, right?)

Also, an eighth patch I'd suggest for stable now:

8) bridge: fix netfilter/NF_BR_LOCAL_OUT for own, locally generated queries
   -> f0b4eeced (since 3.18)


If there's anything unclear, just let me know. Thanks :)!

Cheers, Linus


On Wed, Sep 10, 2014 at 03:33:41PM +0200, Linus Lüssing wrote:
> I just got a complaint about bridges, multicast and a
> 3.10 kernel again. Seems like nobody had any objections about
> queueing these two patches for stable ( 2)+3) )?
> 
> Also I'm still missing some more fixes in the stable branches.
> Especially 5), 6) and 7) are of high priority (next to 2) and 3) )
> in my opinion as otherwise IPv6 in general could be broken for people
> using 3.12 or 3.13 (as 3.12 contains a patch which activates
> multicast snooping for link-local addresses, too: 3c3769e63).
> 
> Here is a more ordered list of patches I'd suggest to be queued for
> stable:
> 
> 1) bridge: fix switched interval for MLD Query types
>    -> 32de868cb (present since 3.10)
> 2) bridge: disable snooping if there is no querier
>    -> b00589af3 (present since 3.11)
> 3) bridge: don't try to update timers in case of broken MLD queries
>    -> 248ba8ec0 (present since 3.11)
> 4) Revert "bridge: only expire the mdb entry when query is received"
>    -> 454594f3b (present since 3.12)
> 5) bridge: multicast: add sanity check for query source addresses
>    -> 6565b9eee (present since 3.14)
> 6) bridge: multicast: add sanity check for general query destination
>    -> 9ed973cc4 (present since 3.14)
> 7) bridge: multicast: enable snooping on general queries only
>    -> 20a599bec (present since 3.14)
> 
> Let me know what you'd think about that or if there's any trouble
> applying them to older kernels.
> 
> Cheers, Linus
> 
> 
> On Tue, Mar 25, 2014 at 02:06:07PM +0100, Linus Lüssing wrote:
> > That commit is supposed to be a fix and seems to be a easily
> > cherry-pickable on top of 3.10. So I think it's suitable for
> > stable
> > 
> > There are two follow-up commit for this particular patch that I'm aware
> > of: "bridge: separate querier and query timer into IGMP/IPv4
> > and MLD/IPv6 ones" (cc0fdd80). That's just an optimization
> > and can be ignored for stable.
> > 
> > The second one is "bridge: don't try to update timers in case of
> > broken MLD queries" (248ba8ec0). Which is a direct fix for
> > b00589af3 and should therefore go into stable, too, if b00589af3
> > goes into stable.
> > 
> > Cheers, Linus
> > 
> > 
> > On Mon, Mar 24, 2014 at 09:41:07AM -0700, Stephen Hemminger wrote:
> > > We are seeing multicast snooping related issues.
> > > Is there some reason this commit never went into stable (3.10)
> > > 
> > > commit b00589af3b04736376f24625ab0b394642e89e29
> > > Author: Linus Lüssing <linus.luessing@web.de>
> > > Date:   Thu Aug 1 01:06:20 2013 +0200
> > > 
> > >     bridge: disable snooping if there is no querier
> > >     
> > >     If there is no querier on a link then we won't get periodic reports and
> > >     therefore won't be able to learn about multicast listeners behind ports,
> > >     potentially leading to lost multicast packets, especially for multicast
> > >     listeners that joined before the creation of the bridge.
> > >     
> > >     These lost multicast packets can appear since c5c23260594
> > >     ("bridge: Add multicast_querier toggle and disable queries by default")
> > >     in particular.
> > >     
> > >     With this patch we are flooding multicast packets if our querier is
> > >     disabled and if we didn't detect any other querier.
> > >     
> > >     A grace period of the Maximum Response Delay of the querier is added to
> > >     give multicast responses enough time to arrive and to be learned from
> > >     before disabling the flooding behaviour again.
> > >     
> > >     Signed-off-by: Linus Lüssing <linus.luessing@web.de>
> > >     Signed-off-by: David S. Miller <davem@davemloft.net>

WARNING: multiple messages have this Message-ID (diff)

From: "Linus Lüssing" <linus.luessing@c0d3.blue>
To: David Miller <davem@davemloft.net>
Cc: Stephen Hemminger <shemming@brocade.com>,
	netdev@vger.kernel.org, bridge@lists.linux-foundation.org,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	openwrt-devel@lists.openwrt.org,
	David Miller <davem@davemloft.net>
Subject: Re: Multicast packets being lost (3.10 stable)
Date: Wed, 10 Dec 2014 20:16:33 +0100	[thread overview]
Message-ID: <20141210191633.GA2473@odroid> (raw)
In-Reply-To: <20140910133341.GI7058@odroid>

Hi David,

did you have a chance to look into backporting these fixes for
stable yet? (if I read the docs correctly, I should query you for
suggestions for stable kernels, right?)

Also, an eighth patch I'd suggest for stable now:

8) bridge: fix netfilter/NF_BR_LOCAL_OUT for own, locally generated queries
   -> f0b4eeced (since 3.18)


If there's anything unclear, just let me know. Thanks :)!

Cheers, Linus


On Wed, Sep 10, 2014 at 03:33:41PM +0200, Linus Lüssing wrote:
> I just got a complaint about bridges, multicast and a
> 3.10 kernel again. Seems like nobody had any objections about
> queueing these two patches for stable ( 2)+3) )?
> 
> Also I'm still missing some more fixes in the stable branches.
> Especially 5), 6) and 7) are of high priority (next to 2) and 3) )
> in my opinion as otherwise IPv6 in general could be broken for people
> using 3.12 or 3.13 (as 3.12 contains a patch which activates
> multicast snooping for link-local addresses, too: 3c3769e63).
> 
> Here is a more ordered list of patches I'd suggest to be queued for
> stable:
> 
> 1) bridge: fix switched interval for MLD Query types
>    -> 32de868cb (present since 3.10)
> 2) bridge: disable snooping if there is no querier
>    -> b00589af3 (present since 3.11)
> 3) bridge: don't try to update timers in case of broken MLD queries
>    -> 248ba8ec0 (present since 3.11)
> 4) Revert "bridge: only expire the mdb entry when query is received"
>    -> 454594f3b (present since 3.12)
> 5) bridge: multicast: add sanity check for query source addresses
>    -> 6565b9eee (present since 3.14)
> 6) bridge: multicast: add sanity check for general query destination
>    -> 9ed973cc4 (present since 3.14)
> 7) bridge: multicast: enable snooping on general queries only
>    -> 20a599bec (present since 3.14)
> 
> Let me know what you'd think about that or if there's any trouble
> applying them to older kernels.
> 
> Cheers, Linus
> 
> 
> On Tue, Mar 25, 2014 at 02:06:07PM +0100, Linus Lüssing wrote:
> > That commit is supposed to be a fix and seems to be a easily
> > cherry-pickable on top of 3.10. So I think it's suitable for
> > stable
> > 
> > There are two follow-up commit for this particular patch that I'm aware
> > of: "bridge: separate querier and query timer into IGMP/IPv4
> > and MLD/IPv6 ones" (cc0fdd80). That's just an optimization
> > and can be ignored for stable.
> > 
> > The second one is "bridge: don't try to update timers in case of
> > broken MLD queries" (248ba8ec0). Which is a direct fix for
> > b00589af3 and should therefore go into stable, too, if b00589af3
> > goes into stable.
> > 
> > Cheers, Linus
> > 
> > 
> > On Mon, Mar 24, 2014 at 09:41:07AM -0700, Stephen Hemminger wrote:
> > > We are seeing multicast snooping related issues.
> > > Is there some reason this commit never went into stable (3.10)
> > > 
> > > commit b00589af3b04736376f24625ab0b394642e89e29
> > > Author: Linus Lüssing <linus.luessing@web.de>
> > > Date:   Thu Aug 1 01:06:20 2013 +0200
> > > 
> > >     bridge: disable snooping if there is no querier
> > >     
> > >     If there is no querier on a link then we won't get periodic reports and
> > >     therefore won't be able to learn about multicast listeners behind ports,
> > >     potentially leading to lost multicast packets, especially for multicast
> > >     listeners that joined before the creation of the bridge.
> > >     
> > >     These lost multicast packets can appear since c5c23260594
> > >     ("bridge: Add multicast_querier toggle and disable queries by default")
> > >     in particular.
> > >     
> > >     With this patch we are flooding multicast packets if our querier is
> > >     disabled and if we didn't detect any other querier.
> > >     
> > >     A grace period of the Maximum Response Delay of the querier is added to
> > >     give multicast responses enough time to arrive and to be learned from
> > >     before disabling the flooding behaviour again.
> > >     
> > >     Signed-off-by: Linus Lüssing <linus.luessing@web.de>
> > >     Signed-off-by: David S. Miller <davem@davemloft.net>

next prev parent reply	other threads:[~2014-12-10 19:16 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-03-24 16:41 Multicast packets being lost (3.10 stable) Stephen Hemminger
2014-03-25 13:06 ` Linus Lüssing
2014-09-10 13:33   ` [Bridge] " Linus Lüssing
2014-09-10 13:33     ` Linus Lüssing
2014-12-10 19:16     ` Linus Lüssing [this message]
2014-12-10 19:16       ` Linus Lüssing
2014-12-13 20:37       ` [Bridge] " David Miller
2014-12-13 20:37         ` David Miller
2014-12-15  8:04         ` [Bridge] " Simon Horman
2014-12-15  8:04           ` Simon Horman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20141210191633.GA2473@odroid \
    --to=linus.luessing@c0d3.blue \
    --cc=bridge@lists.linux-foundation.org \
    --cc=davem@davemloft.net \
    --cc=gregkh@linuxfoundation.org \
    --cc=netdev@vger.kernel.org \
    --cc=openwrt-devel@lists.openwrt.org \
    --cc=shemming@brocade.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.