From: ebiederm@xmission.com (Eric W. Biederman)
To: Patrick McHardy <kaber@trash.net>
Cc: Mark Smith
<nanog@85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org>,
greearb@candelatech.com, David Miller <davem@davemloft.net>,
netdev@vger.kernel.org, shemminger@linux-foundation.org
Subject: Re: MACVLANs really best solution? How about a bridge with multiple bridge virtual interfaces?
Date: Mon, 09 Mar 2009 08:48:03 -0700 [thread overview]
Message-ID: <m13admbsuk.fsf@fess.ebiederm.org> (raw)
In-Reply-To: <49B52F73.7010508@trash.net> (Patrick McHardy's message of "Mon\, 09 Mar 2009 16\:02\:11 +0100")
Patrick McHardy <kaber@trash.net> writes:
> Eric W. Biederman wrote:
>> Patrick McHardy <kaber@trash.net> writes:
>>
>>> I agree on most points. There is one fundamental operational difference
>>> however. With macvlan, all MAC addresses are known are therefore can be
>>> programmed as secondary unicast addresses, while a bridge always uses
>>> promiscous mode and for unknown addresses needs to flood forward them.
>>>
>>> This could be changed in the bridging code of course for bridges
>>> consisting purely of local devices. Most of the bridging stuff isn't
>>> needed for macvlans though, so its probably easier to simply perform
>>> a lookup for local devices in macvlan on transmit, similar to what
>>> is done on reception.
>>
>> What I haven't figured out is how you handle the transmit path for
>> broadcast and multicast ethernet traffic. How do you test to see if
>> you have already preformed local transmission?
>
> I'm not sure I understand the problem. Whats wrong with doing
> the same as on transmit, i.e.:
>
> - for multicast/broadcast, deliver everywhere (except self)
>
> - for unicast, deliver to matching local macvlan device or
> underlying device
>
>> +static int macvlan_queue_xmit(struct sk_buff *skb, struct net_device *dev)
>> +{
>> + const struct macvlan_dev *vlan = netdev_priv(dev);
>> + const struct macvlan_port *port = vlan->port;
>> + const struct macvlan_dev *dest;
>> + const struct ethhdr *eth;
>> - skb->dev = dev;
>> - skb->pkt_type = PACKET_HOST;
>> + skb->protocol = eth_type_trans(skb, dev);
>> + eth = eth_hdr(skb);
>> - netif_rx(skb);
>> - return NULL;
>> + dst_release(skb->dst);
>> + skb->dst = NULL;
>> + skb->mark = 0;
>> + secpath_reset(skb);
>> + nf_reset(skb);
>> +
>> + if (is_multicast_ether_addr(eth->h_dest)) {
>> + macvlan_broadcast(skb, port, dev);
>> + return macvlan_xmit_world(skb, dev);
>> + }
>> +
>> + dest = macvlan_hash_lookup(port, eth->h_dest);
>> + if (dest)
>> + return macvlan_unicast(skb, dest);
>> +
>> + return macvlan_xmit_world(skb, dev);
>> }
>
> Pretty much like this :)
Yes.
There are two tricky parts.
One problem is that macvlans and the primary hardware device share the
same transmit queue. So when I have a broadcast packet on the primary
devices queue I don't know if I have already sent it out to the
macvlan devices or not.
The second problem is that when I transmit a multicast packet and I
have a local listener. I believe replicating the packet both at the
ip layer and at the ethernet layer will result in receiving the packet
locally twice.
I'm not certain we need to solve the second problem as having two physical
interfaces plugged into a switch will have the same problem.
The first problem is all about how do we deliver packets everywhere except self.
Eric
next prev parent reply other threads:[~2009-03-09 15:48 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-03-07 10:45 MACVLANs really best solution? How about a bridge with multiple bridge virtual interfaces? (was Re: [PATCH] macvlan: Support creating macvlans from macvlans) Mark Smith
2009-03-07 16:30 ` Ben Greear
2009-03-07 18:13 ` Eric W. Biederman
2009-03-07 22:32 ` Mark Smith
2009-03-08 16:54 ` Ben Greear
2009-03-09 1:14 ` Mark Smith
2009-03-09 13:31 ` Patrick McHardy
2009-03-09 14:56 ` Eric W. Biederman
2009-03-09 15:02 ` Patrick McHardy
2009-03-09 15:48 ` Eric W. Biederman [this message]
2009-03-09 15:53 ` MACVLANs really best solution? How about a bridge with multiple bridge virtual interfaces? Patrick McHardy
2009-03-09 16:34 ` Eric W. Biederman
2009-03-09 16:45 ` Patrick McHardy
2009-03-09 18:58 ` Ben Greear
2009-03-09 21:17 ` Eric W. Biederman
2009-03-09 21:23 ` Ben Greear
2009-03-09 18:33 ` Brian Haley
2009-03-09 18:54 ` Ben Greear
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m13admbsuk.fsf@fess.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=davem@davemloft.net \
--cc=greearb@candelatech.com \
--cc=kaber@trash.net \
--cc=nanog@85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org \
--cc=netdev@vger.kernel.org \
--cc=shemminger@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).