From: roopa <roopa@cumulusnetworks.com>
To: "Arad, Ronen" <ronen.arad@intel.com>
Cc: "stephen@networkplumber.org" <stephen@networkplumber.org>,
"davem@davemloft.net" <davem@davemloft.net>,
"jhs@mojatatu.com" <jhs@mojatatu.com>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
"sfeldma@gmail.com" <sfeldma@gmail.com>,
"jiri@resnulli.us" <jiri@resnulli.us>,
"tgraf@suug.ch" <tgraf@suug.ch>,
"john.fastabend@gmail.com" <john.fastabend@gmail.com>,
"vyasevic@redhat.com" <vyasevic@redhat.com>,
"wkok@cumulusnetworks.com" <wkok@cumulusnetworks.com>,
"gospo@cumulusnetworks.com" <gospo@cumulusnetworks.com>
Subject: Re: [RFC PATCH net-next] bridge: ability to disable forwarding on a port
Date: Sun, 18 Jan 2015 00:48:53 -0800 [thread overview]
Message-ID: <54BB7375.2070803@cumulusnetworks.com> (raw)
In-Reply-To: <E4CD12F19ABA0C4D8729E087A761DC3505DF57DB@ORSMSX101.amr.corp.intel.com>
On 1/17/15, 1:14 PM, Arad, Ronen wrote:
>
>> -----Original Message-----
>> From: roopa@cumulusnetworks.com [mailto:roopa@cumulusnetworks.com]
>> Sent: Friday, January 16, 2015 11:33 PM
>> To: stephen@networkplumber.org; davem@davemloft.net; jhs@mojatatu.com;
>> sfeldma@gmail.com; jiri@resnulli.us; Arad, Ronen; tgraf@suug.ch;
>> john.fastabend@gmail.com; vyasevic@redhat.com
>> Cc: netdev@vger.kernel.org; wkok@cumulusnetworks.com;
>> gospo@cumulusnetworks.com
>> Subject: [RFC PATCH net-next] bridge: ability to disable forwarding on a port
>>
>> From: Roopa Prabhu <roopa@cumulusnetworks.com>
>>
>> On a Linux bridge with bridge forwarding offloaded to a switch ASIC,
>> there is a need to not re-forward the frames that come up to the
>> kernel in software.
>>
>> Typically these are broadcast or multicast packets forwarded by the
>> hardware to multiple destination ports including sending a copy of
>> the packet to the kernel (e.g. an arp broadcast).
>> The bridge driver will try to forward the packet again, resulting in
>> two copies of the same packet.
>>
>> These packets can also come up to the kernel for logging when they hit
>> a LOG acl in hardware.
>>
>> This patch makes forwarding a flag on the port similar to
>> learn and flood and drops the packet just before forwarding.
>> (The forwarding disable on a bridge is tested to work on our boxes.
>> The bridge port flag addition is only compile tested.
>> This will need to be further refined to cover cases where a non-switch port
>> is bridged to a switch port etc. We will submit more patches to cover
>> all cases if we agree on this approach).
>>
>> Other ways to solve the same problem could be to:
>> - use the offload feature flag on these switch ports to avoid the
>> re-forward:
>> https://www.marc.info/?l=linux-netdev&m=141820235010603&w=2
>>
>> - Or the switch driver can mark or set a flag in the skb, which the bridge
>> driver can use to avoid a re-forward.
>>
> The proposed patch does not go along with the offload feature flag.
> The premise of the offload feature flag is that offloading is driven by the
> switch port driver without user intervention. This patch requires different
> setting for BR_FLOOD in the software bridge port and the switch port driver.
Even with the offload feature flag, there are a few bridge port
attributes that can be set
from userspace which can be different for sw and hw. So, with this patch
I was
trying to see if making it similar to the other existing flags would be
better.
> The alternatives suggested (offload flag or skb flag) are better.
Glad to know your opinion.
>
> The proposed patch avoids re-forward but not without cost. For example in the
> case of unicast flood with local destination, the skb is cloned for each port
> before the forward avoidance in __br_forward. Is it acceptable overhead?
This patch places it in __br_forward to just make sure all the paths
including the netfilter
hook is traversed for these packets. And plus it was written with
minimal changes in mind.
We have not measured it but the extra overhead for these pkts that hit
the kernel has been negligible. But, I will look at the code to see if
it can be avoided.
Thanks,
Roopa
next prev parent reply other threads:[~2015-01-18 8:48 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-17 7:32 [RFC PATCH net-next] bridge: ability to disable forwarding on a port roopa
2015-01-17 21:14 ` Arad, Ronen
2015-01-18 8:48 ` roopa [this message]
2015-01-18 1:05 ` Scott Feldman
2015-01-18 9:10 ` roopa
2015-01-18 20:55 ` roopa
2015-01-19 7:37 ` Scott Feldman
2015-01-20 6:20 ` roopa
2015-01-20 7:09 ` Samudrala, Sridhar
2015-01-20 13:59 ` roopa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54BB7375.2070803@cumulusnetworks.com \
--to=roopa@cumulusnetworks.com \
--cc=davem@davemloft.net \
--cc=gospo@cumulusnetworks.com \
--cc=jhs@mojatatu.com \
--cc=jiri@resnulli.us \
--cc=john.fastabend@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=ronen.arad@intel.com \
--cc=sfeldma@gmail.com \
--cc=stephen@networkplumber.org \
--cc=tgraf@suug.ch \
--cc=vyasevic@redhat.com \
--cc=wkok@cumulusnetworks.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.