From: Mugunthan V N <mugunthanvnm-l0cyMroinI0@public.gmane.org>
To: David Laight
<David.Laight-ZS65k/vG3HxXrIkS9f7CXA@public.gmane.org>,
David Miller <davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
Cc: "netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: [net-next PATCH v2 0/3] Broadcast/Multicast rate limit via Ethtool Coalesce
Date: Fri, 18 Jul 2014 11:07:35 +0530 [thread overview]
Message-ID: <53C8B29F.5@ti.com> (raw)
In-Reply-To: <063D6719AE5E284EB5DD2968C1650D6D172768B0-VkEWCZq2GCInGFn1LkZF6NBPR1lH4CV8@public.gmane.org>
On Thursday 17 July 2014 06:23 PM, David Laight wrote:
>> From: Mugunthan V N
>> On Thursday 10 July 2014 05:14 AM, David Miller wrote:
>>> From: Mugunthan V N <mugunthanvnm-l0cyMroinI0@public.gmane.org>
>>> Date: Wed, 9 Jul 2014 12:44:07 +0530
>>>
>>>> A system/cpu can be loaded by a hacker with flooding of broadcast or
>>>> multicast packets, to prevent this some Ethernet controllers like CPSW
>>>> provide a mechanism to limit the broadcast/multicast packet rate via
>>>> hardware limiters. This patch series enables this feature via
>>>> Ethtool Coalesce.
>>> This is pretty bogus if you ask me.
>>>
>>> What is the difference from accepting a high rate of unicast packets?
>>> I say it is no different.
>>>
>>> Therefore, this feature makes no sense to me at all.
>> Any packet storm can cause an endpoint some issues. Typically packet
>> storms will cause the system CPU to thrash resulting is very low system
>> performance.
>>
>> Unicast storms only target a single destination end station, it can be
>> easily mitigated by the host adding a blocking entry in the LUT for each
>> aggressor.
>>
>> Broadcast and multicast target multiple end stations, or an entire
>> network, not only can it cause CPU thrashing, it can result in loss of
>> other broadcast and multicast services. The rate limiting feature allow
>> the broadcast and or multicast traffic to be dropped if the rates are
>> too high. This eliminates the CPU thrashing issue. It also allows the
>> system to analyze the aggressors and block them for future transgressions.
> Rate limiting multicast traffic will definitely cause the loss of multicast
> services.
When a system apply the rate limit, the system should expect to miss
some of the broadcast/multicast packet depending on the rate limit it
applies.
>
> My experience of broadcast storms is that many of the ethernet switches
> (probably especially the cheap ones) end up using a much slower software?
> path for broadcasts. In a broadcast storm they start discarding normal
> traffic - to point where a single ssh session becomes unusable.
> This is true even when isolated from the storm by a 10M hub.
>
> Broadcast storms are probably mostly caused by network topology issues.
> Especially is switches are sending traffic to 'all ports' while resetting
> the spanning tree tables.
>
This is one more example where broadcast/multicast rate limit can be used.
Regards
Mugunthan V N
prev parent reply other threads:[~2014-07-18 5:37 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-09 7:14 [net-next PATCH v2 0/3] Broadcast/Multicast rate limit via Ethtool Coalesce Mugunthan V N
2014-07-09 7:14 ` [net-next PATCH v2 1/3] net: ethtool: Add Multicast and broadcast rate limit coalescing feature Mugunthan V N
2014-07-09 7:14 ` [net-next PATCH v2 2/3] drivers: net: cpsw: remove redundancy check Mugunthan V N
2014-07-09 7:14 ` [net-next PATCH v2 3/3] drivers: net: cpsw: Add support for multicast/broadcast rate limit Mugunthan V N
[not found] ` <1404890050-4020-4-git-send-email-mugunthanvnm-l0cyMroinI0@public.gmane.org>
2014-07-09 13:39 ` Govindarajulu Varadarajan
[not found] ` <1404890050-4020-1-git-send-email-mugunthanvnm-l0cyMroinI0@public.gmane.org>
2014-07-09 23:44 ` [net-next PATCH v2 0/3] Broadcast/Multicast rate limit via Ethtool Coalesce David Miller
[not found] ` <20140709.164420.157865201153845876.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2014-07-17 6:13 ` Mugunthan V N
[not found] ` <53C76990.3000304-l0cyMroinI0@public.gmane.org>
2014-07-17 12:53 ` David Laight
[not found] ` <063D6719AE5E284EB5DD2968C1650D6D172768B0-VkEWCZq2GCInGFn1LkZF6NBPR1lH4CV8@public.gmane.org>
2014-07-18 5:37 ` Mugunthan V N [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53C8B29F.5@ti.com \
--to=mugunthanvnm-l0cymroini0@public.gmane.org \
--cc=David.Laight-ZS65k/vG3HxXrIkS9f7CXA@public.gmane.org \
--cc=davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org \
--cc=linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).