From: Robert Shearman <rshearma@brocade.com>
To: roopa <roopa@cumulusnetworks.com>, David Miller <davem@davemloft.net>
Cc: <ebiederm@xmission.com>, <netdev@vger.kernel.org>
Subject: Re: [PATCH net-next v5] mpls: support for dead routes
Date: Mon, 30 Nov 2015 22:32:19 +0000 [thread overview]
Message-ID: <565CCE73.2060003@brocade.com> (raw)
In-Reply-To: <5659468E.5080905@cumulusnetworks.com>
On 28/11/15 06:15, roopa wrote:
> On 11/25/15, 8:18 AM, David Miller wrote:
>> From: Roopa Prabhu <roopa@cumulusnetworks.com>
>> Date: Tue, 24 Nov 2015 15:22:22 -0800
>>
>>> v4 -v5
>>> - if kmemdup fails, modify the original route in place. This is a
>>> corner case and only side effect is that in the remote case
>>> of kmemdup failure, the changes will not be atomically visible
>>> to datapath.
>> I really don't like this.
>>
>> Either you need to make the changes appear atomic to the data path,
>> and you therefore must fail the operation if kmemdup() fails, or it
>> doesn't matter and you should just always change the route in-place.
>>
>> As far as I can tell it can't possibly matter. The alive counter is
>> never modified by the data path, it is only tested to make a multipath
>> decision. Likewise it's rather harmless to send a frame or two via a
>> device currently going down.
>>
>> But if you're convinced it matters, then is matters, and you can't
>> fake things when kmemdup() fails. And in that case I would recommend
>> that you use a two pass algorithm, one pass allocates all of the
>> new routes, and the second fills them in, inserts them, and frees
>> the old ones.
>>
>> That is the only way you can unwind and fail cleanly.
>>
>> And oh yeah, that's right, you can't really fail this and make the
>> ifdown not proceed.
>>
>> So you're stuck, right?
>>
>> That's why this has to be designed in a way where memory allocations
>> are not necessary. These notifiers aren't really designed to facilitate
>> situations that require resource acquisitions that can fail.
>>
> Get your point. I am not convinced that the atomic update matters much for the transient case.
> I was trying to accommodate comments i got during the review and it seemed ok to cover both
> cases by optionally doing the atomic update when we can. But, I get your position on this.
My comment on atomic updates on v2 was referring to whether partial
updates could be seen by the forwarding code and if they did whether it
matters. I don't think it matters for nh_flags, but I think it does for
rt_nhn_alive.
Thanks,
Rob
prev parent reply other threads:[~2015-11-30 22:32 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-24 23:22 [PATCH net-next v5] mpls: support for dead routes Roopa Prabhu
2015-11-25 9:51 ` Robert Shearman
2015-11-25 16:18 ` David Miller
2015-11-28 6:15 ` roopa
2015-11-30 22:32 ` Robert Shearman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=565CCE73.2060003@brocade.com \
--to=rshearma@brocade.com \
--cc=davem@davemloft.net \
--cc=ebiederm@xmission.com \
--cc=netdev@vger.kernel.org \
--cc=roopa@cumulusnetworks.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).