From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id DE6E1C43381 for ; Sun, 17 Feb 2019 03:05:24 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 958B721B69 for ; Sun, 17 Feb 2019 03:05:24 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ATpMOWL5" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727656AbfBQDFX (ORCPT ); Sat, 16 Feb 2019 22:05:23 -0500 Received: from mail-pf1-f196.google.com ([209.85.210.196]:34444 "EHLO mail-pf1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727063AbfBQDFX (ORCPT ); Sat, 16 Feb 2019 22:05:23 -0500 Received: by mail-pf1-f196.google.com with SMTP id j18so6814066pfe.1 for ; Sat, 16 Feb 2019 19:05:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:openpgp:autocrypt:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=FkmYVtcxj8X/tS7DTWwDr0+msVviMTIn6EcmkMD1fgw=; b=ATpMOWL5N4uUWj/udhRoB21cPAmwOTRfopbSuJn3ypttKAyXxqk1YQ6jJtVGa1xgqx Ritzup57PvEvvq7lmcafivlOyASfMVDm47Bq6OZuTzs8w7U89QVvhGYQlCJngHGfXqGI AfKxis2pvwblTOVfk8TUExtWDQsyLBlkQGVNDTtmSC6QO67tYEo9X+vXxrUbR+nZxfe9 9jgfwAFLUyM/mIDRojRtg6h4uBHbw9L7ltc8Luv2jVQXaxMuDJnn3wVFbNOBkp8g44ti S1tcdNhUtz3kH+buDE0UABUYIm/3nMQ/mL39yV+f1x+a8fTG93sxjwayD4rt/iX7rtb3 HaGw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:openpgp:autocrypt :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=FkmYVtcxj8X/tS7DTWwDr0+msVviMTIn6EcmkMD1fgw=; b=KDarXeU4xcgikt6gNqGeJVu/3mUBfOyDQP5Xj1hVZwpj1BwZmCSO88q0pSrgJXk/gV 4JipJw6h8s5cJ4bgYCpYX+5TtPpOO3+Gx+TukZ7KXqHCBRHarGY+K8TpFSZydfgPXAMe JWYqK1nX7LY9ZKCwLLHNO3p/nzNPFW3MzXrvRpTIzFNe/ADxlF840TNCV1YFCf8tiZJ+ /gjGqlVarkfQ+3On5D6mMjQRwnZlRYNhxHUg8WMuepOtVYbbcmAhXrGpoNHTilLWLI76 4nt8ea3nvfT746tQShyMjWUEuaG5LEbFj2OwiOosN/nD6ruU2nVBYksg/EnomCCy6+aH d4XQ== X-Gm-Message-State: AHQUAuYCq8Bmq8Ih6bYqfKWRFks0SJ6gKX8oNG2LIU+eDgzuSDY9lhqS Ffw97paq8pxhIxO93486iL4= X-Google-Smtp-Source: AHgI3Ibjt0FUCAFSuZgN8yXoRCjXyBKU8BeRTWNmc3e7Mw/ZdfQRgDlzPK1wXJj4FIIZiwFVV95zSw== X-Received: by 2002:a62:e910:: with SMTP id j16mr3911191pfh.44.1550372721752; Sat, 16 Feb 2019 19:05:21 -0800 (PST) Received: from [192.168.1.3] (ip68-228-73-187.oc.oc.cox.net. [68.228.73.187]) by smtp.gmail.com with ESMTPSA id v26sm13118754pfg.62.2019.02.16.19.05.18 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 16 Feb 2019 19:05:20 -0800 (PST) Subject: Re: [PATCH RFC] net: bridge: don't flood known multicast traffic when snooping is enabled To: Nikolay Aleksandrov , netdev@vger.kernel.org Cc: roopa@cumulusnetworks.com, wkok@cumulusnetworks.com, anuradhak@cumulusnetworks.com, bridge@lists.linux-foundation.org, linus.luessing@c0d3.blue, davem@davemloft.net, stephen@networkplumber.org References: <20190215130427.29824-1-nikolay@cumulusnetworks.com> From: Florian Fainelli Openpgp: preference=signencrypt Autocrypt: addr=f.fainelli@gmail.com; keydata= mQENBFPAG8ABCAC3EO02urEwipgbUNJ1r6oI2Vr/+uE389lSEShN2PmL3MVnzhViSAtrYxeT M0Txqn1tOWoIc4QUl6Ggqf5KP6FoRkCrgMMTnUAINsINYXK+3OLe7HjP10h2jDRX4Ajs4Ghs JrZOBru6rH0YrgAhr6O5gG7NE1jhly+EsOa2MpwOiXO4DE/YKZGuVe6Bh87WqmILs9KvnNrQ PcycQnYKTVpqE95d4M824M5cuRB6D1GrYovCsjA9uxo22kPdOoQRAu5gBBn3AdtALFyQj9DQ KQuc39/i/Kt6XLZ/RsBc6qLs+p+JnEuPJngTSfWvzGjpx0nkwCMi4yBb+xk7Hki4kEslABEB AAG0KEZsb3JpYW4gRmFpbmVsbGkgPGZhaW5lbGxpQGJyb2FkY29tLmNvbT6JAccEEAECALEF AlPAG9YXCgABv0jL/n0t8VEFmtDa8j7qERo7AN0gFAAAAAAAFgABa2V5LXVzYWdlLW1hc2tA cGdwLmNvbY4wFIAAAAAAIAAHcHJlZmVycmVkLWVtYWlsLWVuY29kaW5nQHBncC5jb21wZ3Bt aW1lCAsJCAcDAgEKAhkBBReAAAAAGRhsZGFwOi8va2V5cy5icm9hZGNvbS5jb20FGwMAAAAD FgIBBR4BAAAABBUICQoACgkQgTG1xCm8ZqD+Dgf9HhhzqvJYIPomNeg+ll7/TbzWb871E+HQ TaufJQFQwLEbgdFSZO2uj4UqfDpCyTwtHTVMJogWt3pCAE1sadeIY8OlT6918ofKIl8AiHj2 BlfL7ASZ5wzkRMt/4TZoinq9O1tPEynb5G6PdZTV3UQtmSGnpt2EOu7KtRJsnThBiXoOO9TJ Asg4vXJ0ZM1y/MPhQlZbPCHQZFe1gaVWBPLGnLyWyeprqgSLWHaGqrUhlfK1sLuJK1bjYDCI NetK0pS4cA4ZJgogr5FrtV64R19zLl02mt/Yj7rAmjC3ZBuwVi3V35kD8Kd4d9QM2apsiILV bzGbtVCSUgvxI+1SsJEm3bkBDQRTwBvBAQgArGvvWip77T4xgJztZp9YRylAcVTC9gtx0Gg6 eYk/EPANGm9TkuGpI++T/Il2H2TjFQNC7eubWohbYj0+6Tmf8nP+VmyobDxPXcMrK7x4xy9o D+Kub2Vf0SXbsM8fL/SqzGbFWZSm73L1L4GZoxvYIz0i7LExYSX2u5YVLaMBaH9HwKt2cvr7 MuTrRHtcbOZImoXT29g2UnoF1uwxYNeRhZY/lRvVkkY0lDipPuDwg3SpfHMtCybPq1uAswQd gEbHzRsEXwCR1OF3pIuGt4I3tSEhH/k1caqi0BlqjbGUOkku44xC2gf1ZU267FBBkdV3yJ/7 KnrJEnkMCYhS3kII9wARAQABiQJBBBgBAgErBQJTwBvCBRsMAAAAwF0gBBkBCAAGBQJTwBvB AAoJEJNgBqiYLw9VDRUIAJaTef6hsUAESnlGDpC+ymL2RZdzAJx9lXjU4hhaFcyhznuyyMJq d3mehmLxsqDRvHDiqyD71w2Bnc838MVZw0pwBPdnb/h9Ocmp0lL/9hwSGWvy4az5lYVyoA9u 14UIzh0YNGu6jr0isd/LJAbHXqwJwWWs3y8PTrpEp68V6lv+aXt5gR03lJEAvIR1Awp4JJ/e Z5y12gQISp0X8xal9YhhDWER92YLYrO2b6Hc2S31lAupzfCw8lmZsP1PRz1GmF/KmDD9J9N/ b8IehhWQqrBQjMjn2K2XkvN75HnAMHKFYfHZR3ZHtK52ZP1crV7THtbtrnPXVDq+vO4QPmdC +SEACgkQgTG1xCm8ZqC6BwgAl3kRh7oozpjpG8jpO8en5CBtTl3G+OpKJK9qbQyzdCsuJ0K1 qe1wZPZbP/Y+VtmqSgnExBzjStt9drjFBK8liPQZalp2sMlS9S7csSy6cMLF1auZubAZEqpm tpXagbtgR12YOo57Reb83F5KhtwwiWdoTpXRTx/nM0cHtjjrImONhP8OzVMmjem/B68NY++/ qt0F5XTsP2zjd+tRLrFh3W4XEcLt1lhYmNmbJR/l6+vVbWAKDAtcbQ8SL2feqbPWV6VDyVKh ya/EEq0xtf84qEB+4/+IjCdOzDD3kDZJo+JBkDnU3LBXw4WCw3QhOXY+VnhOn2EcREN7qdAK w0j9Sw== Message-ID: <2bb7baaa-affb-451c-658d-bc5412a14c31@gmail.com> Date: Sat, 16 Feb 2019 19:05:10 -0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.0 MIME-Version: 1.0 In-Reply-To: <20190215130427.29824-1-nikolay@cumulusnetworks.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On 2/15/2019 5:04 AM, Nikolay Aleksandrov wrote: > The behaviour since b00589af3b04 ("bridge: disable snooping if there is > no querier") is wrong, we shouldn't be flooding multicast traffic when > there is an mdb entry and we know where it should be forwarded to when > multicast snooping is enabled. This patch changes the behaviour to not > flood known unicast traffic. You mean multicast traffic in the last part of the sentence, right? > I'll give two obviously broken cases: > - most obvious: static mdb created by the user with snooping enabled > - user-space daemon controlling the mdb table (e.g. MLAG) > > Every user would expect to have traffic forwarded only to the configured > mdb destination when snooping is enabled, instead now to get that one > needs to enable both snooping and querier. Enabling querier on all > switches could be problematic and is not a good solution, for example > as summarized by our multicast experts: > "every switch would send an IGMP query for any random multicast traffic it > received across the entire domain and it would send it forever as long as a > host exists wanting that stream even if it has no downstream/directly > connected receivers" > > Sending as an RFC to get the discussion going, but I'm strongly for > removing this behaviour and would like to send this patch officially. > > We could make this behaviour possible via a knob if necessary, but > it really should not be the default. > > Signed-off-by: Nikolay Aleksandrov > --- > net/bridge/br_device.c | 3 +-- > net/bridge/br_input.c | 3 +-- > 2 files changed, 2 insertions(+), 4 deletions(-) > > diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c > index 013323b6dbe4..2aa8a6509924 100644 > --- a/net/bridge/br_device.c > +++ b/net/bridge/br_device.c > @@ -96,8 +96,7 @@ netdev_tx_t br_dev_xmit(struct sk_buff *skb, struct net_device *dev) > } > > mdst = br_mdb_get(br, skb, vid); > - if ((mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb)) && > - br_multicast_querier_exists(br, eth_hdr(skb))) > + if (mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb)) > br_multicast_flood(mdst, skb, false, true); > else > br_flood(br, skb, BR_PKT_MULTICAST, false, true); > diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c > index 5ea7e56119c1..aae78095cf67 100644 > --- a/net/bridge/br_input.c > +++ b/net/bridge/br_input.c > @@ -136,8 +136,7 @@ int br_handle_frame_finish(struct net *net, struct sock *sk, struct sk_buff *skb > switch (pkt_type) { > case BR_PKT_MULTICAST: > mdst = br_mdb_get(br, skb, vid); > - if ((mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb)) && > - br_multicast_querier_exists(br, eth_hdr(skb))) { > + if (mdst || BR_INPUT_SKB_CB_MROUTERS_ONLY(skb)) { > if ((mdst && mdst->host_joined) || > br_multicast_is_router(br)) { > local_rcv = true; > -- Florian