From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: From: Simon Wunderlich Date: Wed, 12 Sep 2018 10:34:59 +0200 Message-ID: <3502401.iodOTMQ5x1@prime> In-Reply-To: References: MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart3462981.SDl0MpOOeX"; micalg="pgp-sha512"; protocol="application/pgp-signature" Subject: Re: [B.A.T.M.A.N.] Network loops on gateways join List-Id: The list for a Better Approach To Mobile Ad-hoc Networking List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: b.a.t.m.a.n@lists.open-mesh.org --nextPart3462981.SDl0MpOOeX Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" Hi Francesco, On Tuesday, September 11, 2018 4:38:13 PM CEST Francesco Salvatore [fabbricadigitale] wrote: > Hi all, > We're running a mesh network made of a cloud of clients and multiple > gateways on two separate VLANs (on eth0, not on top of BATMAN). > The setup is similar to the one described in the figure. > https://www.open-mesh.org/attachments/download/132/Test_2xLAN.dia.png > > We noticed that, sometimes, when new gateways are added to the already > running infrastructure network loops appear on VLANs > We dumped VLANs network traffic during one of these loops and we saw a storm > of BLA frames that collapsed the network. It seems that the frame (an > ANNOUNCE one, in this case) was firstly generated by a gateway and started > to loop inside the LAN, and then even the others gateways propagated the > same frame. After a few seconds also other frames (coming from different > gateways) started to loop. > > Our hypothesis is that one of gateways directly injects BLA frames inside > mesh and that lead to an unmanageable loop. So, we have 2 questions: > - Are BLA frames (except for LOOP DETECT) allowed to flow only on > LAN? Yes, all frames except LOOP DETECT are blocked in BATMAN > - If so, is our hypothesis reasonable? > > You can see the situation described above in the screenshot below. > http://oi63.tinypic.com/v7wl1w.jpg Unfortunately the screenshot doesn't describe which packets looped exactly. Are you sure it's an announce frame? It could also be a claim frame where two hosts try to claim hosts from each other. BATMAN has a grace period to allow broadcasts from the LAN only after 1 minute of operation. This is done to make sure that the mesh is properly established and other gateways and their claims are detected before traffic is allowed on it, at least potentially looping traffic. Therefore, you should make sure (e.g. in your firmware or setup scripts) that the LAN is operational once batman is brought op. If the mesh isn't fully established or it's actually split due to different channels or similar, then you may run in an unresolved limitation of BLA: https://www.open-mesh.org/projects/batman-adv/wiki/Bridge-loop-avoidance-II#Limitations For this reason we have the loop detect packets. If a loop is detected, an uevent is sent to userspace, and the firmware should react appropiately, e.g. by shutting down batman-adv. Cheers, Simon --nextPart3462981.SDl0MpOOeX Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE1ilQI7G+y+fdhnrfoSvjmEKSnqEFAluYz7MACgkQoSvjmEKS nqFl0xAAkdEFT+DOTJIHXtuEleGn1yCNubG/3RbgqsPDIYQ8BaN+c3sjMco6ZKI+ r1kepm8whTV2tiPEn+5Yhu5sw6AvYp0v9pX5BpHep/2KdrMHGFuoe1zmXAAfmdsP FlRpqpN+TVyht86SC2V8a+K0t+wY5WyHzR1q5DlQvin83ckbGpkadUu3Vq6pxdD4 gPUA6rHoieiYHlKD+25rcM50/mXxNPUjnl92g9PZ/UHaTqk3ndIkHYFqdpDLv6gQ iHYufYqbXB031E1EfvC8BRe+PXUzujA1v2lhDVVFM2SL5z5s+VqX6glRR7qJ/dvW GSeUxUqHTz7FQmkSfg4UdGEYdPa5XanVueYRTK+ceg8v5fp9xmuHS21dO9A6u74z Zip9cPGDl131Y4kUCwBSIk/t7CgYujxUxgw1l2rvoS0aCuJQucjzcA55v7VH9pP1 zehCpkWx1YU49T9hl1w9eZ67cINkr9O+YgjRVT1MvHBYUb/7PgQKJhsEsKWUxEW+ YzuK3joS0Q0L4p0skWybl0vjVg+uQB52spEH8QxtymvCoOazG2TGyBZh3Giu2UGf 8L6OGEUVrndAE5JF6u+6/xwGhIlNdW6dj5nHf+1fVUYcoi/VHLZu99qTLGbunROH LkxCAWwCVZ8PjE+pm6pQANOQ5SOknvETsapBMD/jhzoWaLJCF+8= =PFWv -----END PGP SIGNATURE----- --nextPart3462981.SDl0MpOOeX--