From: Ido Schimmel <idosch@idosch.org>
To: Andrew Lunn <andrew@lunn.ch>
Cc: Jiri Pirko <jiri@resnulli.us>,
Horatiu Vultur <horatiu.vultur@microchip.com>,
alexandre.belloni@bootlin.com, UNGLinuxDriver@microchip.com,
davem@davemloft.net, allan.nielsen@microchip.com,
ivecera@redhat.com, f.fainelli@gmail.com, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3 1/2] net: core: Notify on changes to dev->promiscuity.
Date: Thu, 29 Aug 2019 22:36:13 +0300 [thread overview]
Message-ID: <20190829193613.GA23259@splinter> (raw)
In-Reply-To: <20190829182957.GA17530@lunn.ch>
On Thu, Aug 29, 2019 at 08:29:57PM +0200, Andrew Lunn wrote:
> > Hi Andrew,
> >
> > What happens when you run tcpdump on a routed interface without putting
> > it in promiscuous mode ('-p')? If it is a pure software switch, then you
> > see all unicast packets addressed to your interface's MAC address. What
> > happens when the same is done on a hardware switch? With the proposed
> > solution you will not get the same result.
> >
> > On a software switch, when you run tcpdump without '-p', do you incur
> > major packet loss? No. Will this happen when you punt several Tbps to
> > your CPU on the hardware switch? Yes.
>
> Hi Ido
>
> Please think about the general case, not your hardware. A DSA switch
> generally has 1G ports. And the connection to the host is generally
> 1G, maybe 2.5G. So if i put one interface into promisc mode, i will
> probably receive the majority of the traffic on that port, so long as
> there is not too much traffic from other ports towards the CPU.
>
> I also don't expect any major packet loss in the switch. It is still
> hardware switching, but also sending a copy to the CPU. That copy will
> have the offload_fwd_mark bit set, so the bridge will discard the
> frame. The switch egress queue towards the CPU might overflow, but
> that means tcpdump does not get to see all the frames, and some
> traffic which is actually heading to the CPU is lost. But that can
> happen anyway.
The potential packet loss was only one example why using promiscuous
mode as an indication to punt all traffic to the CPU is wrong. I also
mentioned that you will not capture any traffic (besides
control/exception) when '-p' is specified.
> We should also think about the different classes of users. Somebody
> using a TOR switch with a NOS is very different to a user of a SOHO
> switch in their WiFi access point. The first probably knows tc very
> well, the second has probably never heard of it, and just wants
> tcpdump to work like on their desktop.
I fully agree that we should make it easy for users to capture offloaded
traffic, which is why I suggested patching libpcap. Add a flag to
capable netdevs that tells libpcap that in order to capture all the
traffic from this interface it needs to add a tc filter with a trap
action. That way zero familiarity with tc is required from users.
I really believe that instead of interpreting IFF_PROMISC in exotic ways
and pushing all this logic into the kernel, we should instead teach user
space utilities to capture offloaded traffic.
next prev parent reply other threads:[~2019-08-29 19:36 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-29 9:22 [PATCH v3 0/2] net: core: Notify on changes to dev->promiscuity Horatiu Vultur
2019-08-29 9:22 ` [PATCH v3 1/2] " Horatiu Vultur
2019-08-29 9:51 ` Jiri Pirko
2019-08-29 10:56 ` Horatiu Vultur
2019-08-29 12:18 ` Jiri Pirko
2019-08-29 12:44 ` Horatiu Vultur
2019-08-29 12:55 ` Ivan Vecera
2019-08-29 13:15 ` Andrew Lunn
2019-08-29 13:39 ` Ivan Vecera
2019-08-29 13:15 ` Horatiu Vultur
2019-08-29 13:26 ` Andrew Lunn
2019-08-29 13:49 ` Jiri Pirko
2019-08-29 14:37 ` Andrew Lunn
2019-08-29 17:57 ` Ido Schimmel
2019-08-29 18:29 ` Andrew Lunn
2019-08-29 19:36 ` Ido Schimmel [this message]
2019-08-29 22:12 ` David Miller
2019-08-30 5:39 ` Jiri Pirko
2019-08-30 6:02 ` David Miller
2019-08-30 6:36 ` Jiri Pirko
2019-08-30 6:54 ` Ivan Vecera
2019-08-30 7:13 ` David Miller
2019-08-30 7:12 ` David Miller
2019-08-30 7:21 ` Jiri Pirko
2019-08-30 7:32 ` David Miller
2019-08-30 8:01 ` Jiri Pirko
2019-09-02 17:42 ` Allan W. Nielsen
2019-09-02 17:51 ` Jiri Pirko
2019-09-02 18:05 ` Allan W. Nielsen
2019-09-02 18:45 ` Jiri Pirko
2019-09-03 6:13 ` Ido Schimmel
2019-09-03 8:14 ` Allan W. Nielsen
2019-09-08 10:15 ` Ido Schimmel
2019-08-30 9:43 ` Ido Schimmel
2019-08-31 19:35 ` Andrew Lunn
2019-08-31 20:47 ` Ido Schimmel
2019-09-01 18:48 ` Andrew Lunn
2019-09-02 17:55 ` Allan W. Nielsen
2019-09-01 6:54 ` Jiri Pirko
2019-08-29 22:10 ` David Miller
2019-08-29 22:08 ` David Miller
2019-08-30 6:13 ` Jiri Pirko
2019-08-30 6:18 ` David Miller
2019-08-30 7:26 ` Ivan Vecera
2019-08-29 9:22 ` [PATCH v3 2/2] net: mscc: Implement promisc mode Horatiu Vultur
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190829193613.GA23259@splinter \
--to=idosch@idosch.org \
--cc=UNGLinuxDriver@microchip.com \
--cc=alexandre.belloni@bootlin.com \
--cc=allan.nielsen@microchip.com \
--cc=andrew@lunn.ch \
--cc=davem@davemloft.net \
--cc=f.fainelli@gmail.com \
--cc=horatiu.vultur@microchip.com \
--cc=ivecera@redhat.com \
--cc=jiri@resnulli.us \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.