From: Max Krasnyansky <maxk@qualcomm.com>
To: Brian Braunstein <linuxkernel@bristyle.com>,
Christian Borntraeger <borntraeger@de.ibm.com>,
Shaun Jackman <sjackman@gmail.com>,
netdev@vger.kernel.org, virtualization@lists.linux-fou
Subject: Multicast and receive filtering in TUN/TAP
Date: Wed, 09 Jul 2008 15:58:23 -0700 [thread overview]
Message-ID: <4875428F.4080704@qualcomm.com> (raw)
Yesterday while fixing xoff stuckiness issue in the TUN/TAP driver I got
a chance to look into the multicast filtering code in there. And
immediately realized how terribly broken & confusing it is. The patch
was originally done by Shaun (CC'ed) and went in without any proper ACK
from me, Dave or Jeff.
Here is the original ref
http://marc.info/?l=linux-netdev&m=110490502102308&w=2
I'm not going to dive into too much details on what's wrong with the
current code. The main issues are that it mixes RX and TX filtering
which are orthogonal, and it reuses ioctl names and stuff for
manipulating TX filter state as if it was a normal RX multicast state.
Later on Brian's patch added insult to the injury
http://git.kernel.org/?p=linux/kernel/git/\
torvalds/linux-2.6.git;\
a=commit;h=36226a8ded46b89a94f9de5976f554bb5e02d84c
Brian missed the point of the original patch (not his fault, as I said
the original patch was not the best) that the separate address
introduced by the MC patch was used for filtering _TX_ packets. It had
nothing to do with the HW addr of the local network interface.
The problem is that MC stuff is now even more broken and ioctls that
were used originally now mean something different. So my first thinking
was to just rip the MC stuff out because it's broken and probably nobody
uses it (given that we got no complains after Brian's patch broke it
completely). But then I realized that if done properly it might be very
useful for virtualization.
---
So the first question is are there any users out there that ever used
the original patch. Shaun, any insight ? How did you intend to use it ?
---
The second question is do you guys think that QEMU/KVM/LGUEST/etc would
benefit if receive filtering was done by the host OS. Here is a specific
example of what I'm talking about.
We can do what qemu/hw/e1000.c:receive_filter() does in the _host_
context (that function currently runs in the guest context). By looking
at libvirt, typical QEMU based setup is that you have a single bridge
and all the TAPs from different VMs are hooked up to that bridge. What
that means is that if one VM is getting MC traffic or when the bridge
sees MACADDR that is not in its tables the packets get delivered to all
the VMs. ie We have to wake all of the up only to so that they could
drop that packet. Instead, we could setup filters in the host's side of
the TAP device.
Does that sound like something useful for QEMU/KVM ?
If yes we can talk about the API. If not then I'll just nuke it.
Thanx
Max
next reply other threads:[~2008-07-09 22:58 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-07-09 22:58 Max Krasnyansky [this message]
2008-07-10 8:29 ` Multicast and receive filtering in TUN/TAP Christian Borntraeger
2008-07-10 16:57 ` Max Krasnyansky
2008-07-10 20:23 ` Christian Borntraeger
2008-07-11 2:20 ` Max Krasnyansky
2008-07-11 7:01 ` Rusty Russell
2008-07-11 8:01 ` Max Krasnyansky
2008-07-10 21:38 ` Shaun Jackman
2008-07-11 2:32 ` Brian Braunstein
2008-07-11 3:05 ` Max Krasnyansky
2008-07-11 3:01 ` Max Krasnyansky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4875428F.4080704@qualcomm.com \
--to=maxk@qualcomm.com \
--cc=borntraeger@de.ibm.com \
--cc=linuxkernel@bristyle.com \
--cc=netdev@vger.kernel.org \
--cc=sjackman@gmail.com \
--cc=virtualization@lists.linux-fou \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).