From: Andrew Lunn <andrew@lunn.ch>
To: Florian Fainelli <f.fainelli@gmail.com>
Cc: netdev <netdev@vger.kernel.org>,
Vivien Didelot <vivien.didelot@savoirfairelinux.com>,
nikolay@cumulusnetworks.com, jiri@mellanox.com,
roopa@cumulusnetworks.com, stephen@networkplumber.org,
bridge@lists.linux-foundation.org
Subject: Re: [PATCH RFC WIP 0/5] IGMP snooping for local traffic
Date: Mon, 28 Aug 2017 15:45:29 +0200 [thread overview]
Message-ID: <20170828134529.GC10418@lunn.ch> (raw)
In-Reply-To: <b5bf300b-58c1-d7a7-8851-651683a234b0@gmail.com>
On Sun, Aug 27, 2017 at 07:44:15PM -0700, Florian Fainelli wrote:
> Hi Andrew,
>
> On 08/26/2017 01:56 PM, Andrew Lunn wrote:
> > This is a WIP patchset i would like comments on from bridge,
> > switchdev and hardware offload people.
> >
> > The linux bridge supports IGMP snooping. It will listen to IGMP
> > reports on bridge ports and keep track of which groups have been
> > joined on an interface. It will then forward multicast based on this
> > group membership.
> >
> > When the bridge adds or removed groups from an interface, it uses
> > switchdev to request the hardware add an mdb to a port, so the
> > hardware can perform the selective forwarding between ports.
> >
> > What is not covered by the current bridge code, is IGMP joins/leaves
> > from the host on the brX interface. No such monitoring is performed.
> > With a pure software bridge, it is not required. All mulitcast frames
> > are passed to the brX interface, and the network stack filters them,
> > as it does for any interface. However, when hardware offload is
> > involved, things change. We should program the hardware to only send
> > multcast packets to the host when the host has in interest in them.
>
> OK, so if I understand this right, without a bridge, we have the
> following happen today: with a DSA-enabled setup using any kind of
> switch tagging protocol, if a host is interested in receiving particular
> multicast traffic, we would receive IGMP joins/leaves through sw0p0, and
> the stack should call ndo_set_rx_mode for sw0p0, which would be
> dsa_slave_set_rx_mode() and which would synchronize the DSA master
> network device with the slave network device, everything works fine
> provided that the CPU port is configured to accept multicast traffic.
Hi Florian
That sounds about right, but it is not a use case i've looked at yet.
I do need to look at it though, because there is a chance i break it
with IGMP snooping support.
> Note here that we don't really add a MDB entry for sw0p0 when that
> happens, but it seems like we should for switches that lack IGMP
> snooping and/or multicast filtering.
Yes. But it is not an MDB in the normal sense, at least from the
switches perspective. An MDB passed to a switch using switchdev says
that traffic for the specified group should go out that port. However,
when the host does a join on sw0p0, we want the exact opposite,
multicast traffic coming in that port of the switch which matches the
group should be forwarded to the host. So my second attempt at this
code adds a new switchdev object, SWITCHDEV_OBJ_ID_PORT_HOST_MDB.
> With the current bridge and DSA code, are not we actually always going
> to get the CPU port to be added with the multicast address and therefore
> no filtering is occurring and snooping is pretty much useless?
Correct. At the moment, all multicast traffic gets delivered to the
host.
> While I understand the reasons why you did it that way, I think this is
> going to break a lot of code in bridge that does not expect brX to be a
> bridge port member.
It does.
Nikolay suggestion works a lot better, and i'm following that now. It
looks good and only requires some minor tweaks to the bridge code.
Andrew
next prev parent reply other threads:[~2017-08-28 13:45 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-26 20:56 [PATCH RFC WIP 0/5] IGMP snooping for local traffic Andrew Lunn
2017-08-26 20:56 ` [PATCH RFC WIP 1/5] net: rtnetlink: Handle bridge port without upper device Andrew Lunn
2017-08-26 20:56 ` [PATCH RFC WIP 2/5] net: bridge: Skip receive handler on brX interface Andrew Lunn
2017-08-26 20:56 ` [PATCH RFC WIP 3/5] net: bridge: Make the brX interface a member of the bridge Andrew Lunn
2017-08-26 20:56 ` [PATCH RFC WIP 4/5] net: dsa: HACK: Handle MDB add/remove for none-switch ports Andrew Lunn
2017-08-26 20:56 ` [PATCH RFC WIP 5/5] net: dsa: Don't include CPU port when adding MDB to a port Andrew Lunn
2017-08-26 22:17 ` [PATCH RFC WIP 0/5] IGMP snooping for local traffic Nikolay Aleksandrov
2017-08-26 22:40 ` Nikolay Aleksandrov
2017-08-26 23:02 ` Andrew Lunn
2017-08-28 2:44 ` Florian Fainelli
2017-08-28 13:45 ` Andrew Lunn [this message]
2017-08-28 15:11 ` Stephen Hemminger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170828134529.GC10418@lunn.ch \
--to=andrew@lunn.ch \
--cc=bridge@lists.linux-foundation.org \
--cc=f.fainelli@gmail.com \
--cc=jiri@mellanox.com \
--cc=netdev@vger.kernel.org \
--cc=nikolay@cumulusnetworks.com \
--cc=roopa@cumulusnetworks.com \
--cc=stephen@networkplumber.org \
--cc=vivien.didelot@savoirfairelinux.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).