* Packet capture and Bonding asymmetries
@ 2010-06-09 21:27 Paul LeoNerd Evans
  2010-06-09 22:52 ` Jay Vosburgh
  0 siblings, 1 reply; 4+ messages in thread

From: Paul LeoNerd Evans @ 2010-06-09 21:27 UTC (permalink / raw)
To: netdev

We use ethernet bonding to bond eth0 + eth1 into bond0, in an
active/standby failover pair. Since this is for redundancy, we put the
two physical ethernet links into different switches that follow
different paths in the data centre.

Given this topology, it can be really useful to know which physical
interface packets are received on. It seems the bonding driver doesn't
make this happen:

  # uname -r
  2.6.31.12

  # head -1 /proc/net/bonding/bond0
  Ethernet Channel Bonding Driver: v3.5.0 (November 4, 2008)

  # pktdump -f icmp
  [15:27:12] RX(bond0): ICMP| 192.168.57.6->192.168.57.1 echo-request seq=1
  [15:27:12] TX(bond0): ICMP| 192.168.57.1->192.168.57.6 echo-reply seq=1
  [15:27:12] TX(eth0): ICMP| 192.168.57.1->192.168.57.6 echo-reply seq=1

I.e. when we transmit, we see both the virtual bond0 interface and the
physical eth0 doing so; but when we receive, only the virtual bond0
appears to do so.

I believe this should be fixable with a one-line patch: just adding a
call to netif_nit_deliver(skb) from within the bonding driver... though
offhand I'm unable to find exactly the line where packets received on
slaves get passed up to the master. :)

Can anyone advise on the sensibility or otherwise of this plan? I really
would like the behaviour where I can see how packets are received - is
this a good plan to achieve it?

I may sometime have a hack at writing a patch for this anyway, presuming
no major objections...

-- 
Paul "LeoNerd" Evans
leonerd@leonerd.org.uk
ICQ# 4135350  |  Registered Linux# 179460
http://www.leonerd.org.uk/
* Re: Packet capture and Bonding asymmetries
  2010-06-09 21:27 Packet capture and Bonding asymmetries Paul LeoNerd Evans
@ 2010-06-09 22:52 ` Jay Vosburgh
  2010-06-10 12:10   ` Paul LeoNerd Evans
  2010-06-11 12:18   ` Paul LeoNerd Evans
  0 siblings, 2 replies; 4+ messages in thread

From: Jay Vosburgh @ 2010-06-09 22:52 UTC (permalink / raw)
To: Paul LeoNerd Evans; +Cc: netdev

Paul LeoNerd Evans <leonerd@leonerd.org.uk> wrote:

>We use ethernet bonding to bond eth0 + eth1 into bond0, in an
>active/standby failover pair. Given this is for redundancy, we put the
>two physical ethernet links into different switches that follow
>different paths in the data centre.
>
>Given this topology, it can be really useful to know which physical
>interface packets are received on. It seems the bonding driver doesn't
>make this happen:
>
>  # uname -r
>  2.6.31.12
>
>  # head -1 /proc/net/bonding/bond0
>  Ethernet Channel Bonding Driver: v3.5.0 (November 4, 2008)
>
>  # pktdump -f icmp
>  [15:27:12] RX(bond0): ICMP| 192.168.57.6->192.168.57.1 echo-request seq=1
>  [15:27:12] TX(bond0): ICMP| 192.168.57.1->192.168.57.6 echo-reply seq=1
>  [15:27:12] TX(eth0): ICMP| 192.168.57.1->192.168.57.6 echo-reply seq=1
>
>I.e. when we transmit we see both the virtual bond0 interface and the
>physical eth0 doing so; but when we receive only the virtual bond0
>appears to do so.
>
>I believe this should be fixable with a one-line patch; just adding a
>call to netif_nit_deliver(skb) from within the bonding driver... though
>just offhand I'm unable to find exactly the line where packets received
>on slaves get passed up to the master. :)

	This won't work, because bonding does not have a receive
function in the usual sense. Instead, the slaves do their normal
receive logic, and then in __netif_receive_skb, packets are assigned
to the bonding master if the device is a slave.

	On the TX side, packet capture can happen at both the bonding
device and at the slave, because the packet will pass through both.
>Can anyone advise on the sensibility or otherwise of this plan? I really
>would like the behaviour where I can see how packets are received - is
>this a good plan to achieve it?

	For your own private testing, you could add a call to
__netif_nit_deliver in netif_receive_skb prior to this part:

	master = ACCESS_ONCE(orig_dev->master);
	if (master) {
		if (skb_bond_should_drop(skb, master))
			null_or_orig = orig_dev; /* deliver only exact match */
		else
			skb->dev = master;
	}

	This will give you multiple captures of the same packet, as is
seen for transmit (i.e., one on the slave, one on the bond). For
non-bonding devices, tcpdump will see each packet twice on the same
device, so it's not really suitable for general use.

>I may sometime have a hack at writing a patch for this anyway, presuming
>no major objections...

	If merely knowing the traffic counts is sufficient, the slaves
do count their received packets individually, so, e.g., ifconfig will
show how many packets a particular slave has received, regardless of
what bonding does with them. The packet counts for the bonding device
itself are merely a sum of all of its slaves.

	Also, generally speaking, IP protocol traffic that arrives on an
inactive bonding slave is not delivered. If you're using active-backup
mode, and your traffic makes it through, it likely arrived on the active
slave.

	-J

---
	-Jay Vosburgh, IBM Linux Technology Center, fubar@us.ibm.com
* Re: Packet capture and Bonding asymmetries
  2010-06-09 22:52 ` Jay Vosburgh
@ 2010-06-10 12:10   ` Paul LeoNerd Evans
  2010-06-11 12:18   ` Paul LeoNerd Evans
  1 sibling, 0 replies; 4+ messages in thread

From: Paul LeoNerd Evans @ 2010-06-10 12:10 UTC (permalink / raw)
To: Jay Vosburgh, netdev

On Wed, Jun 09, 2010 at 03:52:31PM -0700, Jay Vosburgh wrote:
> >I believe this should be fixable with a one-line patch; just adding a
> >call to netif_nit_deliver(skb) from within the bonding driver... though
> >just offhand I'm unable to find exactly the line where packets received
> >on slaves gets passed up to the master. :)
>
> 	This won't work, because bonding does not have a receive
> function in the usual sense. Instead, the slaves do their normal
> receive logic, and then in __netif_receive_skb, packets are assigned
> to the bonding master if the device is a slave.

Ah; that would explain why I'm having trouble finding it then :)

> 	For your own private testing, you could add a call to
> __netif_nit_deliver in netif_receive_skb prior to this part:

<snip>

Rather than put it -before- that part, why not inside the if (master)
arm?

-----
diff -urp linux-2.6.33.2.orig/net/core/dev.c linux-2.6.33.2/net/core/dev.c
--- linux-2.6.33.2.orig/net/core/dev.c	2010-04-02 00:02:33.000000000 +0100
+++ linux-2.6.33.2/net/core/dev.c	2010-06-10 12:58:24.000000000 +0100
@@ -2443,6 +2443,7 @@ int netif_receive_skb(struct sk_buff *sk
 	orig_dev = skb->dev;
 	master = ACCESS_ONCE(orig_dev->master);
 	if (master) {
+		netif_nit_deliver(skb);
 		if (skb_bond_should_drop(skb, master))
 			null_or_orig = orig_dev; /* deliver only exact match */
 		else
-----

(This patch doesn't quite apply cleanly to the latest source, but if
that approach seems OK I'll rebuild it and submit properly.)

> 	This will give you multiple captures of the same packet, as is
> seen for transmit (i.e., one on the slave, one on the bond). For
> non-bonding devices, tcpdump will see each packet twice on the same
> device, so it's not really suitable for general use.

I was hoping for a proper permanent solution - it would often have been
useful to me for eth0 to appear to tcpdump et al. to be receiving
traffic, as well as transmitting it.

> 	If merely knowing the traffic counts is sufficient, the slaves
> do count their received packets individually, so, e.g., ifconfig will
> show how many packets a particular slave has received, regardless of
> what bonding does with them. The packet counts for the bonding device
> itself are merely a sum of all of its slaves.

I had noticed the counters, yes. They have been useful on occasion. But
at other times we've really wanted to be able to see the actual traffic.

> 	Also, generally speaking, IP protocol traffic that arrives on an
> inactive bonding slave is not delivered. If you're using active-backup
> mode, and your traffic makes it through, it likely arrived on the
> active slave.

Useful though that is, sometimes it's precisely the fact that traffic
appears on a non-active slave which is interesting, and we'd like to see
what that traffic was.

-- 
Paul "LeoNerd" Evans
leonerd@leonerd.org.uk
ICQ# 4135350  |  Registered Linux# 179460
http://www.leonerd.org.uk/
* Re: Packet capture and Bonding asymmetries
  2010-06-09 22:52 ` Jay Vosburgh
  2010-06-10 12:10   ` Paul LeoNerd Evans
@ 2010-06-11 12:18   ` Paul LeoNerd Evans
  1 sibling, 0 replies; 4+ messages in thread

From: Paul LeoNerd Evans @ 2010-06-11 12:18 UTC (permalink / raw)
To: Jay Vosburgh, netdev

On Wed, Jun 09, 2010 at 03:52:31PM -0700, Jay Vosburgh wrote:
> 	For your own private testing, you could add a call to
> __netif_nit_deliver in netif_receive_skb prior to this part:
>
> 	master = ACCESS_ONCE(orig_dev->master);
> 	if (master) {
> 		if (skb_bond_should_drop(skb, master))
> 			null_or_orig = orig_dev; /* deliver only exact match */
> 		else
> 			skb->dev = master;
> 	}
>
> 	This will give you multiple captures of the same packet, as is
> seen for transmit (i.e., one on the slave, one on the bond). For
> non-bonding devices, tcpdump will see each packet twice on the same
> device, so it's not really suitable for general use.

As per my last post, I've just tested the following patch and found it
to work just fine:

  # pktdump -f "icmp" -n
  [13:04:30] RX(eth0): ICMP| 192.168.56.1->192.168.56.6 echo-request seq=1
  [13:04:30] RX(bond0): ICMP| 192.168.56.1->192.168.56.6 echo-request seq=1
  [13:04:30] TX(bond0): ICMP| 192.168.56.6->192.168.56.1 echo-reply seq=1
  [13:04:30] TX(eth0): ICMP| 192.168.56.6->192.168.56.1 echo-reply seq=1

I'll resubmit the patch properly for the latest kernel version; this
one, being against 2.6.31.12, doesn't apply cleanly to upstream:

-----
--- linux-2.6.31.12-router/net/core/dev.c	2010-01-18 18:30:45.000000000 +0000
+++ linux-2.6.31.12-router_leobonding/net/core/dev.c	2010-06-11 12:39:43.000000000 +0100
@@ -2265,6 +2265,7 @@
 	null_or_orig = NULL;
 	orig_dev = skb->dev;
 	if (orig_dev->master) {
+		netif_nit_deliver(skb);
 		if (skb_bond_should_drop(skb))
 			null_or_orig = orig_dev; /* deliver only exact match */
 		else
-----

This patch quite deliberately includes packets arriving on non-active
bonding slaves, because the intention of tcpdump, pktdump, et al. is to
see "close to the wire": a view of what's happening down that physical
ethernet cable.

-- 
Paul "LeoNerd" Evans
leonerd@leonerd.org.uk
ICQ# 4135350  |  Registered Linux# 179460
http://www.leonerd.org.uk/
end of thread, other threads:[~2010-06-11 12:18 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-06-09 21:27 Packet capture and Bonding asymmetries Paul LeoNerd Evans
2010-06-09 22:52 ` Jay Vosburgh
2010-06-10 12:10   ` Paul LeoNerd Evans
2010-06-11 12:18   ` Paul LeoNerd Evans