From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.5 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_PASS, URIBL_BLOCKED,USER_AGENT_MUTT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2FF38C43381 for ; Fri, 15 Feb 2019 13:53:53 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id F2AEC218AC for ; Fri, 15 Feb 2019 13:53:52 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="URvKG/en" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732188AbfBONxv (ORCPT ); Fri, 15 Feb 2019 08:53:51 -0500 Received: from out2-smtp.messagingengine.com ([66.111.4.26]:53497 "EHLO out2-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726869AbfBONxv (ORCPT ); Fri, 15 Feb 2019 08:53:51 -0500 Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id 3F94222A7A; Fri, 15 Feb 2019 08:53:50 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute3.internal (MEProxy); Fri, 15 Feb 2019 08:53:50 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=AXgqyq kUKhYRKGdlJ6wM1vw+qWa0bHAxgV24NaYqVIE=; b=URvKG/enjcajJapWtMX+YY aVn0RtdAlKDuLzIdS3I9IMAX/VPP7K6X8X+TWmw/sl+rfQ3LgaZn5NB8vmyPdP+0 nLcGC+/6hIathD4YNxvMAmu0y688LzQWoo/A8Z9Mlmz154LJpQgMxhNePCH7Oq/i Ad+FtwTPQXpxSAJ1ZW6P3adLMxGgq7RpHj06k2hCE+He5Qu0N2p3hDRhvolWAdkY fSNEZVoilkb+ao8O/kpLRVQwDR0Bwo+E3iG35fROCHsInKu0/GvyjtzLYKL0tBjM h5WyFPCLTo4D+A6MRzyZ//hERX0nqeEO79DhjNQl3nx4pc1ZyZCVehTd4n+AwpOw == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedtledruddtjedgheeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfquhhtnecuuegrihhlohhuthemucef tddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpeffhffvuffkfh ggtggujggfsehttdertddtredvnecuhfhrohhmpefkughoucfutghhihhmmhgvlhcuoehi ughoshgthhesihguohhstghhrdhorhhgqeenucfkphepjeelrddujeeirdejrdduudehne curfgrrhgrmhepmhgrihhlfhhrohhmpehiughoshgthhesihguohhstghhrdhorhhgnecu vehluhhsthgvrhfuihiivgeptd X-ME-Proxy: Received: from localhost (bzq-79-176-7-115.red.bezeqint.net [79.176.7.115]) by mail.messagingengine.com (Postfix) with ESMTPA id 15F9910317; Fri, 15 Feb 2019 08:53:47 -0500 (EST) Date: Fri, 15 Feb 2019 15:53:46 +0200 From: Ido Schimmel To: Nikolay Aleksandrov Cc: netdev@vger.kernel.org, roopa@cumulusnetworks.com, wkok@cumulusnetworks.com, anuradhak@cumulusnetworks.com, bridge@lists.linux-foundation.org, linus.luessing@c0d3.blue, davem@davemloft.net, stephen@networkplumber.org Subject: Re: [PATCH RFC] net: bridge: don't flood known multicast traffic when snooping is enabled Message-ID: <20190215135346.GB13875@splinter> References: <20190215130427.29824-1-nikolay@cumulusnetworks.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190215130427.29824-1-nikolay@cumulusnetworks.com> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On Fri, Feb 15, 2019 at 03:04:27PM +0200, Nikolay Aleksandrov wrote: > The behaviour since b00589af3b04 ("bridge: disable snooping if there is > no querier") is wrong, we shouldn't be flooding multicast traffic when > there is an mdb entry and we know where it should be forwarded to when > multicast snooping is enabled. This patch changes the behaviour to not > flood known unicast traffic. I'll give two obviously broken cases: > - most obvious: static mdb created by the user with snooping enabled > - user-space daemon controlling the mdb table (e.g. MLAG) > > Every user would expect to have traffic forwarded only to the configured > mdb destination when snooping is enabled, instead now to get that one > needs to enable both snooping and querier. Enabling querier on all > switches could be problematic and is not a good solution, for example > as summarized by our multicast experts: > "every switch would send an IGMP query for any random multicast traffic it > received across the entire domain and it would send it forever as long as a > host exists wanting that stream even if it has no downstream/directly > connected receivers" > > Sending as an RFC to get the discussion going, but I'm strongly for > removing this behaviour and would like to send this patch officially. > > We could make this behaviour possible via a knob if necessary, but > it really should not be the default. > > Signed-off-by: Nikolay Aleksandrov Yes. This is great! :) I had to enable a multicast querier when testing static mdb entries only because the test was "too long" and this check kicked in. Never made sense to me. Lets drop it if we can. Reviewed-by: Ido Schimmel