From: Patrick McHardy <kaber@trash.net>
To: Linux Netdev List <netdev@vger.kernel.org>
Subject: [RFC PATCH 00/04]: VLAN vs. packet socket inconsistencies
Date: Tue, 08 Jul 2008 12:14:51 +0200 [thread overview]
Message-ID: <48733E1B.8010501@trash.net> (raw)
There are currently a number of inconsistencies when using
VLANs with VLAN acceleration and packet sockets:
1) With hardware tagging, outgoing packets are visible without
the VLAN header, while with software tagging the full VLAN
header is visible
2) With hardware stripping, incoming packets for locally configured
VLANs appear on the VLAN device without being visible on the
underlying device. Packets for unknown VLANs are not visible
at all. Without hardware stripping, all VLAN packets are visible
on the underlying device.
3) With hardware filtering, some drivers disable filtering in
promiscous mode, some don't. The consensus of some discussions
on netdev about this was that promiscous mode should disable
all hardware filters, but keep HW acceleration enabled.
These patches fix point 1) and 2). Point 3) needs changes to the
drivers and will be fixed separetly.
The first patch moves the VLAN tag from the cb to a new skb
member, which is necessary to avoid clashes between VLANs and
qdiscs/packet sockets use of the cb. This means on TX, packet
sockets can get the tag from the skb.
The second patch uses the new skb field to store the VLAN TCI of
stripped VLAN packets on RX and deliver them to packet sockets.
The third patch adds the VLAN TCI to the packet auxdata and delivers
it to userspace, where it can be used to reconstruct the original
packet.
The fourth patch modifies libpcap to reconstruct the original
packet. There might be a better way to do this, but it was
useful for testing.
There are mainly two remaining problems with this approach:
- socket filters for VLAN headers don't work properly since they
expect the VLAN header to be present. Since with the approach
taken by these patches, userspace has to have knowledge about
VLAN acceleration anyway, it seems OK to simply add a filter
instruction to filter on skb->vlan_tci and have userspace
construct its filters accordingly.
- packet socket auxdata is only available for non-mmaped sockets.
For mmaped sockets the only place to store the data is in
struct tpacket_hdr, but that would break compatibility. Not sure
what to do about this case.
Comments welcome.
next reply other threads:[~2008-07-08 10:14 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-07-08 10:14 Patrick McHardy [this message]
2008-07-08 10:15 ` [RFC PATCH 01/04]: vlan: Don't store VLAN tag in cb Patrick McHardy
2008-07-08 10:16 ` [RFC PATCH 02/04]: vlan: deliver packets received with VLAN acceleration to network taps Patrick McHardy
2008-07-08 10:16 ` [RFC PATCH 03/04]: packet: Store VLAN tag in auxillary data Patrick McHardy
2008-07-08 10:21 ` Patrick McHardy
2008-07-08 10:17 ` [RFC PATCH 04/04]: libpcap: reconstruct VLAN header from auxdata Patrick McHardy
2008-07-08 22:12 ` [RFC PATCH 00/04]: VLAN vs. packet socket inconsistencies David Miller
2008-07-08 22:30 ` Patrick McHardy
2008-07-08 22:35 ` David Miller
2008-07-08 22:38 ` David Miller
2008-07-08 22:48 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=48733E1B.8010501@trash.net \
--to=kaber@trash.net \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).