From: "Linus Lüssing" <linus.luessing@c0d3.blue>
To: Hangbin Liu <liuhangbin@gmail.com>
Cc: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>,
netdev@vger.kernel.org, roopa@cumulusnetworks.com,
bridge@lists.linux-foundation.org, davem@davemloft.net,
yinxu@redhat.com
Subject: Re: [Bridge] [PATCH net] net: bridge: remove ipv6 zero address check in mcast queries
Date: Thu, 13 Dec 2018 17:10:28 +0100 [thread overview]
Message-ID: <20181213161027.GC1713@otheros> (raw)
In-Reply-To: <20181029013316.GK24677@leo.usersys.redhat.com>
Even though RFC4541 recommends this, I'm not quite sure whether
this works... even for IGMP.
I think this would lead to multicast packet loss in a scenario
like this:
----------
[Switch A] -------------- [Switch B]
/ /
/ /
/ /
(Host A) (Host B)
- Snooping Switches: Switch A + Switch B
- Selected Querier: Switch A, with 0.0.0.0 query source
- Multicast Listener: Host A
- Multicast Data Sender: Host B
1) Host A sends IGMP report to Switch A
2) Switch A refrains from forwarding it to Switch B
(reports are only forwarded to multicast routers according to
RFC4541)
=> Switch B does not learn about listeners on Host A
Now, with this patch and recommendation in RFC4541 to not add queries
with a 0.0.0.0 source address to the multicast router port list:
3) Host B sends multicast data to Switch B
=> Switch B does not forward it to Switch A as it neither
detected a multicast listener nor multicast router on
the according port.
=> Host A does not receive the multicast data it signed up for
(Or with colors:
https://metameute.de/~tux/linux/bridge/query-zero-source-no-mcrouter-port.png)
----------
Alternatively we would need to ignore 0.0.0.0 for the querier
election and "querier present" detection. And by that disable
multicast snooping if there are no queries from a non-zero source
address.
But I'm a little hesitant whether ignoring is a reliable way as
IGMPv3 (RFC3376) and IGMPv2 (RFC2236) make no such restrictions
regarding the query source address.
With no such restrictions according to RFC3376/RFC2236 a 0.0.0.0
would always win the querier election. Meaning any potential
querier with a non-zero source address would remain silent.
Meaning we would always disable multicast snooping then?
Adding queriers with a 0.0.0.0 source address to the multicast
router list, too, seems like a less harmful way then disabling multicast
snooping completely?
----------
However, one of the two options seems to be necessary. Either
reverting the patch for the IGMP part, too. Or Ignoring 0.0.0.0
sources for querier eletcion and presence detection.
The current state seems broken to me unless I'm missing something.
next prev parent reply other threads:[~2018-12-13 16:10 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-27 0:50 [net:master 17/19] net//bridge/br_multicast.c:1432:32: error: 'union <anonymous>' has no member named 'ip6'; did you mean 'ip4'? kbuild test robot
2018-10-27 7:10 ` Nikolay Aleksandrov
2018-10-27 9:07 ` [PATCH net] net: bridge: remove ipv6 zero address check in mcast queries Nikolay Aleksandrov
2018-10-28 15:20 ` [Bridge] " Stephen Hemminger
2018-10-28 16:09 ` Nikolay Aleksandrov
2018-10-29 1:33 ` Hangbin Liu
2018-12-13 16:10 ` Linus Lüssing [this message]
2018-12-14 2:32 ` Ying Xu
2018-12-17 13:15 ` [Bridge] " Linus Lüssing
2019-02-21 8:01 ` Hangbin Liu
2019-02-21 13:20 ` Nikolay Aleksandrov
2019-02-22 7:57 ` Hangbin Liu
2019-02-22 11:16 ` Nikolay Aleksandrov
2019-02-22 12:49 ` Hangbin Liu
2018-10-29 2:18 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181213161027.GC1713@otheros \
--to=linus.luessing@c0d3.blue \
--cc=bridge@lists.linux-foundation.org \
--cc=davem@davemloft.net \
--cc=liuhangbin@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=nikolay@cumulusnetworks.com \
--cc=roopa@cumulusnetworks.com \
--cc=yinxu@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).