From: Petr Machata <petrm@nvidia.com>
To: "David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
<netdev@vger.kernel.org>
Cc: Ido Schimmel <idosch@nvidia.com>, Petr Machata <petrm@nvidia.com>,
<mlxsw@nvidia.com>, Andrew Lunn <andrew+netdev@lunn.ch>,
Nikolay Aleksandrov <razor@blackwall.org>,
Roopa Prabhu <roopa@nvidia.com>,
Menglong Dong <menglong8.dong@gmail.com>,
Guillaume Nault <gnault@redhat.com>
Subject: [PATCH net-next 0/4] vxlan: Join / leave MC group when reconfigured
Date: Fri, 7 Feb 2025 18:34:20 +0100 [thread overview]
Message-ID: <cover.1738949252.git.petrm@nvidia.com> (raw)
When a vxlan netdevice is brought up, if its default remote is a multicast
address, the device joins the indicated group.
Therefore when the multicast remote address changes, the device should
leave the current group and subscribe to the new one. Similarly when the
interface used for endpoint communication is changed in a situation when
multicast remote is configured. This is currently not done.
Both vxlan_igmp_join() and vxlan_igmp_leave() can however fail. So it is
possible that with such fix, the netdevice will end up in an inconsistent
situation where the old group is not joined anymore, but joining the
new group fails. Should we join the new group first, and leave the old one
second, we might end up in the opposite situation, where both groups are
joined. Undoing any of this during rollback is going to be similarly
problematic.
One solution would be to just forbid the change when the netdevice is up.
However in vnifilter mode, changing the group address is allowed, and these
problems are simply ignored (see vxlan_vni_update_group()):
# ip link add name br up type bridge vlan_filtering 1
# ip link add vx1 up master br type vxlan external vnifilter local 192.0.2.1 dev lo dstport 4789
# bridge vni add dev vx1 vni 200 group 224.0.0.1
# tcpdump -i lo &
# bridge vni add dev vx1 vni 200 group 224.0.0.2
18:55:46.523438 IP 0.0.0.0 > 224.0.0.22: igmp v3 report, 1 group record(s)
18:55:46.943447 IP 0.0.0.0 > 224.0.0.22: igmp v3 report, 1 group record(s)
# bridge vni
dev vni group/remote
vx1 200 224.0.0.2
Having two different modes of operation for conceptually the same interface
is silly, so in this patchset, just do what the vnifilter code does and
deal with the errors by crossing fingers real hard.
Petr Machata (4):
vxlan: Join / leave MC group after remote changes
selftests: forwarding: lib: Move require_command to net, generalize
selftests: test_vxlan_fdb_changelink: Convert to lib.sh
selftests: test_vxlan_fdb_changelink: Add a test for MC remote change
drivers/net/vxlan/vxlan_core.c | 15 +++
tools/testing/selftests/net/forwarding/lib.sh | 10 --
tools/testing/selftests/net/lib.sh | 19 +++
.../net/test_vxlan_fdb_changelink.sh | 111 ++++++++++++++++--
4 files changed, 132 insertions(+), 23 deletions(-)
--
2.47.0
next reply other threads:[~2025-02-07 17:35 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-07 17:34 Petr Machata [this message]
2025-02-07 17:34 ` [PATCH net-next 1/4] vxlan: Join / leave MC group after remote changes Petr Machata
2025-02-11 14:17 ` Paolo Abeni
2025-02-11 14:56 ` Petr Machata
2025-02-11 15:52 ` Paolo Abeni
2025-02-11 22:11 ` Petr Machata
2025-02-07 17:34 ` [PATCH net-next 2/4] selftests: forwarding: lib: Move require_command to net, generalize Petr Machata
2025-02-07 17:34 ` [PATCH net-next 3/4] selftests: test_vxlan_fdb_changelink: Convert to lib.sh Petr Machata
2025-02-07 17:34 ` [PATCH net-next 4/4] selftests: test_vxlan_fdb_changelink: Add a test for MC remote change Petr Machata
2025-02-10 11:24 ` [PATCH net-next 0/4] vxlan: Join / leave MC group when reconfigured Nikolay Aleksandrov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1738949252.git.petrm@nvidia.com \
--to=petrm@nvidia.com \
--cc=andrew+netdev@lunn.ch \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=gnault@redhat.com \
--cc=idosch@nvidia.com \
--cc=kuba@kernel.org \
--cc=menglong8.dong@gmail.com \
--cc=mlxsw@nvidia.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=razor@blackwall.org \
--cc=roopa@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).