* [PATCH net-next 2/2] ipv6: dont cache cloned routes
@ 2012-09-12 12:01 Eric Dumazet
2012-09-12 20:52 ` Maciej Żenczykowski
2012-09-13 21:02 ` David Miller
0 siblings, 2 replies; 3+ messages in thread
From: Eric Dumazet @ 2012-09-12 12:01 UTC (permalink / raw)
To: David Miller
Cc: netdev, Lorenzo Colitti, Maciej Żenczykowski, Tom Herbert
From: Eric Dumazet <edumazet@google.com>
We can now destroy cloned routes immediately from dst_release() instead
of depending on garbage collection.
Set DST_NOCACHE in rt6_alloc_clone() so that :
1) we avoid calling ip6_ins_rt() on such routes
2) dst_release() can call destroy when refcount becomes 0
This allows machines to resist to DDOS.
Reported-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Maciej Żenczykowski <maze@google.com>
Cc: Tom Herbert <therbert@google.com>
---
net/ipv6/route.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index d4ba3fc..fedbb41 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -840,6 +840,7 @@ static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort,
struct rt6_info *rt = ip6_rt_copy(ort, daddr);
if (rt) {
+ rt->dst.flags |= DST_NOCACHE;
rt->rt6i_flags |= RTF_CACHE;
rt->n = neigh_clone(ort->n);
}
@@ -887,7 +888,7 @@ restart:
dst_hold(&rt->dst);
if (nrt) {
- err = ip6_ins_rt(nrt);
+ err = (nrt->dst.flags & DST_NOCACHE) ? 0 : ip6_ins_rt(nrt);
if (!err)
goto out2;
}
^ permalink raw reply related [flat|nested] 3+ messages in thread* Re: [PATCH net-next 2/2] ipv6: dont cache cloned routes
2012-09-12 12:01 [PATCH net-next 2/2] ipv6: dont cache cloned routes Eric Dumazet
@ 2012-09-12 20:52 ` Maciej Żenczykowski
2012-09-13 21:02 ` David Miller
1 sibling, 0 replies; 3+ messages in thread
From: Maciej Żenczykowski @ 2012-09-12 20:52 UTC (permalink / raw)
To: Eric Dumazet; +Cc: David Miller, netdev, Lorenzo Colitti, Tom Herbert
Acked-by: Maciej Żenczykowski <maze@google.com>
On Wed, Sep 12, 2012 at 5:01 AM, Eric Dumazet <eric.dumazet@gmail.com> wrote:
> From: Eric Dumazet <edumazet@google.com>
>
> We can now destroy cloned routes immediately from dst_release() instead
> of depending on garbage collection.
>
> Set DST_NOCACHE in rt6_alloc_clone() so that :
>
> 1) we avoid calling ip6_ins_rt() on such routes
>
> 2) dst_release() can call destroy when refcount becomes 0
>
> This allows machines to resist to DDOS.
>
> Reported-by: Lorenzo Colitti <lorenzo@google.com>
> Signed-off-by: Eric Dumazet <edumazet@google.com>
> Cc: Maciej Żenczykowski <maze@google.com>
> Cc: Tom Herbert <therbert@google.com>
> ---
> net/ipv6/route.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/net/ipv6/route.c b/net/ipv6/route.c
> index d4ba3fc..fedbb41 100644
> --- a/net/ipv6/route.c
> +++ b/net/ipv6/route.c
> @@ -840,6 +840,7 @@ static struct rt6_info *rt6_alloc_clone(struct rt6_info *ort,
> struct rt6_info *rt = ip6_rt_copy(ort, daddr);
>
> if (rt) {
> + rt->dst.flags |= DST_NOCACHE;
> rt->rt6i_flags |= RTF_CACHE;
> rt->n = neigh_clone(ort->n);
> }
> @@ -887,7 +888,7 @@ restart:
>
> dst_hold(&rt->dst);
> if (nrt) {
> - err = ip6_ins_rt(nrt);
> + err = (nrt->dst.flags & DST_NOCACHE) ? 0 : ip6_ins_rt(nrt);
> if (!err)
> goto out2;
> }
>
>
^ permalink raw reply [flat|nested] 3+ messages in thread* Re: [PATCH net-next 2/2] ipv6: dont cache cloned routes
2012-09-12 12:01 [PATCH net-next 2/2] ipv6: dont cache cloned routes Eric Dumazet
2012-09-12 20:52 ` Maciej Żenczykowski
@ 2012-09-13 21:02 ` David Miller
1 sibling, 0 replies; 3+ messages in thread
From: David Miller @ 2012-09-13 21:02 UTC (permalink / raw)
To: eric.dumazet; +Cc: netdev, lorenzo, maze, therbert
From: Eric Dumazet <eric.dumazet@gmail.com>
Date: Wed, 12 Sep 2012 14:01:47 +0200
> From: Eric Dumazet <edumazet@google.com>
>
> We can now destroy cloned routes immediately from dst_release() instead
> of depending on garbage collection.
>
> Set DST_NOCACHE in rt6_alloc_clone() so that :
>
> 1) we avoid calling ip6_ins_rt() on such routes
>
> 2) dst_release() can call destroy when refcount becomes 0
>
> This allows machines to resist to DDOS.
>
> Reported-by: Lorenzo Colitti <lorenzo@google.com>
> Signed-off-by: Eric Dumazet <edumazet@google.com>
> Cc: Maciej Żenczykowski <maze@google.com>
> Cc: Tom Herbert <therbert@google.com>
This current behavior is very much intentional and cannot be removed
so trivially. The scope of this change is much wider than some DDOS
test.
This change is the moral equivalent of the ipv4 routing cache removal,
but we have not done anything to compensate for the resulting ipv6
performance loss as the routing cache removal changes did.
The insertion of ipv6 route clones into the tree is how the ipv6 code
caches routes.
The only legitimate way to make this change is to revamp ipv6 route
handling properly like we did for ipv4.
This means making it such that, when legitimate, prefixed routes found
directly into the route tree are used directly.
To achieve this you need to:
1) Convert ipv6 to do ref-count-less neighbour handling and not cache
neighbours in the ipv6 routes, instead doing the lookup on demand
in ip6_output as we do on the ipv4 side.
2) Stop caching inetpeers in the ipv6 routes.
3) Make ipv6 in-route metrics read-only, again as we already do in
ipv4.
And so on and so forth, until direct use of prefixed ipv6 routes is
possible.
I really can't even remotely entertain applying this patch, sorry.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2012-09-13 21:02 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-09-12 12:01 [PATCH net-next 2/2] ipv6: dont cache cloned routes Eric Dumazet
2012-09-12 20:52 ` Maciej Żenczykowski
2012-09-13 21:02 ` David Miller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).