From: David Miller <davem@davemloft.net>
To: jay.vosburgh@canonical.com
Cc: netdev@vger.kernel.org, vfalico@gmail.com, gospo@cumulusnetworks.com
Subject: Re: [PATCH net v2] bonding: Fix ARP monitor validation
Date: Sun, 07 Feb 2016 14:26:45 -0500 (EST) [thread overview]
Message-ID: <20160207.142645.2230058287676177228.davem@davemloft.net> (raw)
In-Reply-To: <29855.1454448956@famine>
From: Jay Vosburgh <jay.vosburgh@canonical.com>
Date: Tue, 02 Feb 2016 13:35:56 -0800
>
> The current logic in bond_arp_rcv will accept an incoming ARP for
> validation if (a) the receiving slave is either "active" (which includes
> the currently active slave, or the current ARP slave) or, (b) there is a
> currently active slave, and it has received an ARP since it became active.
> For case (b), the receiving slave isn't the currently active slave, and is
> receiving the original broadcast ARP request, not an ARP reply from the
> target.
>
> This logic can fail if there is no currently active slave. In
> this situation, the ARP probe logic cycles through all slaves, assigning
> each in turn as the "current_arp_slave" for one arp_interval, then setting
> that one as "active," and sending an ARP probe from that slave. The
> current logic expects the ARP reply to arrive on the sending
> current_arp_slave, however, due to switch FDB updating delays, the reply
> may be directed to another slave.
>
> This can arise if the bonding slaves and switch are working, but
> the ARP target is not responding. When the ARP target recovers, a
> condition may result wherein the ARP target host replies faster than the
> switch can update its forwarding table, causing each ARP reply to be sent
> to the previous current_arp_slave. This will never pass the logic in
> bond_arp_rcv, as neither of the above conditions (a) or (b) are met.
>
> Some experimentation on a LAN shows ARP reply round trips in the
> 200 usec range, but my available switches never update their FDB in less
> than 4000 usec.
>
> This patch changes the logic in bond_arp_rcv to additionally
> accept an ARP reply for validation on any slave if there is a current ARP
> slave and it sent an ARP probe during the previous arp_interval.
>
> Fixes: aeea64ac717a ("bonding: don't trust arp requests unless active slave really works")
> Cc: Veaceslav Falico <vfalico@gmail.com>
> Cc: Andy Gospodarek <gospo@cumulusnetworks.com>
> Signed-off-by: Jay Vosburgh <jay.vosburgh@canonical.com>
I'm going to wait until we get some feedback from Uwe if you don't mind
Jay, it would be nice to know if it solves their problem too.
next prev parent reply other threads:[~2016-02-07 19:26 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-02 21:35 [PATCH net v2] bonding: Fix ARP monitor validation Jay Vosburgh
2016-02-03 19:40 ` Jarod Wilson
2016-02-03 20:23 ` Jay Vosburgh
2016-02-07 19:26 ` David Miller [this message]
2016-02-08 6:03 ` Jay Vosburgh
2016-02-13 10:55 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160207.142645.2230058287676177228.davem@davemloft.net \
--to=davem@davemloft.net \
--cc=gospo@cumulusnetworks.com \
--cc=jay.vosburgh@canonical.com \
--cc=netdev@vger.kernel.org \
--cc=vfalico@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).