| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 08 Aug 2011 09:57:14 +0200 From: David Lamparter <equinox@...c24.net> To: Phillip Susi <psusi@....rr.com> Cc: netdev@...r.kernel.org Subject: Re: 802.3ad bonding brain damaged? Am Sonntag, den 07.08.2011, 15:52 -0400 schrieb Phillip Susi: > - From Documentation/networking/bonding.txt: > > Additionally, the linux bonding 802.3ad implementation > distributes traffic by peer (using an XOR of MAC addresses), > > This is counter to the entire point of 802.3ad. Distributing traffic by > hash of the destination address is poor mans load balancing for > systems not supporting 802.3ad. No, it isn't. 802.3ad/.1AX explicitly requires that no packet re-ordering may ever occur, which can only be guaranteed by enqueueing packets for one host on one TX interface. This behaviour is mandated by 802.1AX-2008 page 15 which reads: This standard does not mandate any particular distribution algorithm(s); however, any distribution algorithm shall ensure that, when frames are received by a Frame Collector as specified in 5.2.3, the algorithm shall not cause a) Misordering of frames that are part of any given conversation, or b) Duplication of frames. | The above requirement to maintain frame ordering is met by ensuring | that all frames that compose a given conversation are transmitted on a | single link in the order that they are generated by the MAC Client; hence, this requirement does not involve the addition (or modification) of any information to the MAC frame, nor any buffering or processing on the part of the corresponding Frame Collector in order to reorder frames. This approach to the operation of the distribution function permits a wide variety of distribution and load balancing algorithms to be used, while also ensuring interoperability between devices that adopt differing algorithms. (IMHO it is 802.3ad/.1AX that is brain damaged, I would've made this a weak requirement with an optional mode switch for networks that require a strong one.) It is true that it might be possible to fulfill this requirement with a more sophisticated approach or just ignore edge cases, but in that case you can just use a different bonding algorithm. > When in 802.3ad mode, packets are supposed to > be queued to whichever interface has the shortest tx length so a single > stream to a single host can be balanced across all links instead of > being restricted to one, while the other is idle. Please make sure to tag your assumptions as such and don't make assertions without reading the specification. -David -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists