From: Daniel Borkmann <dborkman@redhat.com>
To: Paul Pearce <pearce@cs.berkeley.edu>
Cc: Michael Richardson <mcr@sandelman.ca>,
Eric Dumazet <eric.dumazet@gmail.com>,
Ani Sinha <ani@aristanetworks.com>,
Jiri Pirko <jpirko@redhat.com>,
netdev@vger.kernel.org, edumazet <edumazet@google.com>,
tcpdump-workers <tcpdump-workers@lists.tcpdump.org>
Subject: Re: [tcpdump-workers] [PATCH net 1/2] net: dev_queue_xmit_nit: fix skb->vlan_tci field value
Date: Fri, 11 Jan 2013 09:46:19 +0100 [thread overview]
Message-ID: <50EFD15B.4050307@redhat.com> (raw)
In-Reply-To: <CAOUgPvSpMmsLpiwmnxwFx9p+B=KOG5VqjNvu_+54hLcBPNK4Cg@mail.gmail.com>
On 01/11/2013 03:37 AM, Paul Pearce wrote:
>>> My opinion as a kernel developer is that the network tap is here to have
>>> a copy of the exact frame given to the _device_.
Agreed.
>> Good: as someone who spends lots of time with tcpdump doing both network
>> and protocol diagnostics, it's really important to see exactly there.
>> If that means turning off some hardware offload in order to get the
>> intact 1p header, then that may be fine for many situations.
>> (At 10G, on a live router... well...)
>
> I agree as well.
>
> But I think Ani's point was that for RX packets, as of commit
> bcc6d47903612c3861201cc3a866fb604f26b8b2, the filters are not
> getting exactly what's "on the wire." Independent of hardware
> acceleration the vlan headers are being stripped off and skb->vlan_tci
> is being set. That's was the origin of this whole mess.
>
> The msg from that commit reads in part:
>> Vlan untagging happens early in __netif_receive_skb so the rest of
>> code (ptype_all handlers, rx_handlers) see the skb like it was
>> untagged by hw.
>
> His confusion (which I share) is why it's acceptable to have this
> behavior of removing headers and setting skb->vlan_tci (regardless of
> hardware acceleration) on the RX path but not also set skb->vlan_tci
> on the TX path.
>
> Indepdent of proposed userspace or PACKET_AUXDATA solutions,
> clarification on the RX skb->vlan_tci behavior would be appreciated.
>
> My knowledge of this code is quite limited so it's entirely possible
> I'm off base here. If so please tell me.
While we're at the topic, though it's slightly unrelated this particular
problem, but related to capturing VLANs and ``what's seen on the wire'',
since it was mentioned.
For different NICs/drivers you might get different default behaviours, and
mostly it's the case (I assume, correct me if I'm wrong) that libpcap has
to ``un-untag'' the VLAN headers in user space, doing a memmove(3) for each
stripped VLAN packet in order to ``fix'' this.
Because of this hack, I even got a report of a user recently, that in
Wireshark, he saw a QinQ header, although it should just have been one
VLAN encapsulation (AR8131 driver with ethtool -K eth0 rxvlan off) as he
saw with netsniff-ng (no memmove(3) done there). (I didn't further follow
or verify this report though.)
next prev parent reply other threads:[~2013-01-11 8:46 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-01-09 5:15 [PATCH net 1/2] net: dev_queue_xmit_nit: fix skb->vlan_tci field value Paul Pearce
2013-01-09 6:06 ` Ani Sinha
2013-01-09 6:27 ` Eric Dumazet
2013-01-09 6:34 ` Ani Sinha
2013-01-09 19:27 ` Ani Sinha
2013-01-09 19:51 ` Eric Dumazet
2013-01-09 20:01 ` Ani Sinha
2013-01-09 20:06 ` Ani Sinha
2013-01-11 1:47 ` [tcpdump-workers] " Michael Richardson
2013-01-11 2:37 ` Paul Pearce
2013-01-11 8:46 ` Daniel Borkmann [this message]
2013-02-15 8:17 ` Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=50EFD15B.4050307@redhat.com \
--to=dborkman@redhat.com \
--cc=ani@aristanetworks.com \
--cc=edumazet@google.com \
--cc=eric.dumazet@gmail.com \
--cc=jpirko@redhat.com \
--cc=mcr@sandelman.ca \
--cc=netdev@vger.kernel.org \
--cc=pearce@cs.berkeley.edu \
--cc=tcpdump-workers@lists.tcpdump.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).