From: Ido Schimmel <idosch@idosch.org>
To: Russell King - ARM Linux admin <linux@armlinux.org.uk>,
nikolay@cumulusnetworks.com, linus.luessing@c0d3.blue
Cc: Ido Schimmel <idosch@mellanox.com>,
Vivien Didelot <vivien.didelot@gmail.com>,
Florian Fainelli <f.fainelli@gmail.com>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
Jiri Pirko <jiri@resnulli.us>, "andrew@lunn.ch" <andrew@lunn.ch>,
"davem@davemloft.net" <davem@davemloft.net>
Subject: Re: [RFC net-next] net: dsa: add support for MC_DISABLED attribute
Date: Sat, 29 Jun 2019 19:29:45 +0300 [thread overview]
Message-ID: <20190629162945.GB17143@splinter> (raw)
In-Reply-To: <20190623074427.GA21875@splinter>
On Sun, Jun 23, 2019 at 10:44:27AM +0300, Ido Schimmel wrote:
> On Sun, Jun 23, 2019 at 08:26:05AM +0100, Russell King - ARM Linux admin wrote:
> > On Sun, Jun 23, 2019 at 07:09:52AM +0000, Ido Schimmel wrote:
> > > When multicast snooping is enabled unregistered multicast traffic should
> > > only be flooded to mrouter ports.
> >
> > Given that IPv6 relies upon multicast working, and multicast snooping
> > is a kernel configuration option, and MLD messages will only be sent
> > when whenever the configuration on the target changes, and there may
> > not be a multicast querier in the system, who does that ensure that
> > IPv6 can work on a bridge where the kernel configured and built with
> > multicast snooping enabled?
>
> See commit b00589af3b04 ("bridge: disable snooping if there is no
> querier"). I think that's unfortunate behavior that we need because
> multicast snooping is enabled by default. If it weren't enabled by
> default, then anyone enabling it would also make sure there's a querier
> in the network.
Linus, Nik,
I brought this problem in the past, but we didn't reach a solution, so
I'll try again :)
The problem:
Even if multicast snooping is enabled, the bridge driver will flood
multicast packets to all the ports if no querier was detected on the
link. The querier states (IPv4 & IPv6) are not currently reflected to
switchdev drivers which means that the hardware data path will only
flood unregistered multicast packets to mrouter ports (which can be an
empty list).
In default configurations (where multicast snooping is enabled and the
bridge querier is disabled), this can prevent IPv6 ping from passing, as
there are no mrouter ports and there is no MDB entry corresponding to
the solicited-node multicast address.
Is there anything we can do about it? Enable the bridge querier if no
other querier was detected? Commit c5c23260594c ("bridge: Add
multicast_querier toggle and disable queries by default") disabled
queries by default, but I'm only suggesting to turn them on if no other
querier was detected on the link. Do you think it's still a problem?
I would like to avoid having drivers take the querier state into account
as it will only complicate things further.
Thanks
next prev parent reply other threads:[~2019-06-29 16:29 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-20 23:56 [RFC net-next] net: dsa: add support for MC_DISABLED attribute Vivien Didelot
2019-06-21 2:24 ` Florian Fainelli
2019-06-21 21:29 ` Vivien Didelot
2019-06-21 22:09 ` Russell King - ARM Linux admin
2019-06-23 7:09 ` Ido Schimmel
2019-06-23 7:26 ` Russell King - ARM Linux admin
2019-06-23 7:44 ` Ido Schimmel
2019-06-29 16:29 ` Ido Schimmel [this message]
2019-06-30 16:56 ` Linus Lüssing
2019-07-02 14:27 ` Nikolay Aleksandrov
2019-07-02 17:11 ` Ido Schimmel
[not found] ` <20190702231308.GA2414@otheros>
2019-07-07 9:07 ` Ido Schimmel
2019-07-05 16:01 ` Vivien Didelot
2019-07-07 10:28 ` Ido Schimmel
2019-06-23 6:48 ` Ido Schimmel
2019-06-29 15:31 ` Ido Schimmel
2019-06-29 23:06 ` Andrew Lunn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190629162945.GB17143@splinter \
--to=idosch@idosch.org \
--cc=andrew@lunn.ch \
--cc=davem@davemloft.net \
--cc=f.fainelli@gmail.com \
--cc=idosch@mellanox.com \
--cc=jiri@resnulli.us \
--cc=linus.luessing@c0d3.blue \
--cc=linux@armlinux.org.uk \
--cc=netdev@vger.kernel.org \
--cc=nikolay@cumulusnetworks.com \
--cc=vivien.didelot@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).