From: "Linus Lüssing" <linus.luessing@c0d3.blue>
To: Marek Lindner <mareklindner@neomailbox.ch>
Cc: b.a.t.m.a.n@lists.open-mesh.org
Subject: Re: [B.A.T.M.A.N.] [PATCH] batman-adv: introduce "noflood" broadcast flood prevention option
Date: Sat, 27 Apr 2019 04:38:49 +0200 [thread overview]
Message-ID: <20190427023848.GK6201@otheros> (raw)
In-Reply-To: <1906609.VMlLDzDynG@rousseau>
On Sat, Apr 27, 2019 at 05:56:03AM +0800, Marek Lindner wrote:
> On Saturday, 27 April 2019 01:12:31 HKT Linus Lüssing wrote:
> > With DAT DHCP snooping, the gateway feature and multicast optimizations
> > in place in some scenarios broadcast flooding might not be strictly
> > necessary anymore to be able to establish IPv4/IPv6 communication.
> > Therefore this patch adds an option to disable broadcast flooding.
> >
> > Larger mesh networks typically filter a variety of multicast packets via
> > ebtables/netfilter to clamp on overhead. With this option such firewall
> > rules can be relaxed so that such multicast packets are only dropped
> > if they cannot be handled by multicast-to-unicast, for instance.
>
> Could you outline the use-case for this specific noflood option in more detail ?
> The description above is not entirely clear to me. Especially, the 'might not
> be strictly necessary anymore' to 'firewall rules can be relaxed'. How are
> these things connected ? Is this option implemented only, so that some firewall
> rules don't need to be set anymore ?
The main use-case I currently have in mind is safely enabling multicast in
larger, public mesh networks:
Currently we have firewall rules in Gluon to drop most multicast.
With multicast-to-multi-unicast we could in theory use multicast
without creating broadcast overhead for the whole mesh. However
only until we hit the multicast_fanout threshold. Then things
would get flooded again.
The desired behaviour in this case would be to let multicast packets pass
unless they would be flooded. A firewall does not know which
mechanism batman-adv would choose. Hence this option within
batman-adv to create this desired behaviour.
With "might not be strictly necessary anymore" I ment that if
certain requirements are met that address assignments and address
resolution can now be achieved without needing broadcast flooding.
> What happens if a user enables 'noflood' but does not fall into the 'might not
> be strictly necessary anymore' category ?
Well, broken connectivity. Typing "ip link set dev eth0 multicast off"
in a setup which still needs multicast to function would be an
analogy then :).
Regards, Linus
next prev parent reply other threads:[~2019-04-27 2:38 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-26 17:12 [B.A.T.M.A.N.] [PATCH] batman-adv: introduce "noflood" broadcast flood prevention option Linus Lüssing
2019-04-26 21:56 ` Marek Lindner
2019-04-27 2:38 ` Linus Lüssing [this message]
2019-04-27 2:53 ` Linus Lüssing
2019-04-28 17:04 ` Sven Eckelmann
2019-04-28 19:04 ` Martin Weinelt
2019-04-30 16:01 ` Linus Lüssing
2019-04-30 16:07 ` Linus Lüssing
2019-05-02 6:40 ` Sven Eckelmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190427023848.GK6201@otheros \
--to=linus.luessing@c0d3.blue \
--cc=b.a.t.m.a.n@lists.open-mesh.org \
--cc=mareklindner@neomailbox.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.