| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Jan 2011 18:28:33 -0800 From: Jay Vosburgh <fubar@...ibm.com> To: "Oleg V. Ukhno" <olegu@...dex-team.ru> cc: =?UTF-8?B?Tmljb2xhcyBkZSBQZXNsb8O8YW4=?= <nicolas.2p.debian@...il.com>, John Fastabend <john.r.fastabend@...el.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org> Subject: Re: [PATCH] bonding: added 802.3ad round-robin hashing policy for single TCP session balancing Oleg V. Ukhno <olegu@...dex-team.ru> wrote: >On 01/19/2011 11:12 PM, Nicolas de Pesloüan wrote: > >> If you have time for that, then yes, please, do the same test using >> balance-rr+vlan to segregate path. With those results, we whould have >> the opportunity to enhance the documentation with some well tested cases >> of TCP load balancing on a LAN, not limited to 802.3ad automatic setup. >> Both setups make sense, and assuming the results would be similar is >> probably true, but not reliable enough to assert it into the documentation. >> >> Thanks, >> >> Nicolas. >> >Nicolas, >I've ran similar tests for VLAN tunneling scenario. Results are identical, >as I expected. The only significat difference is link failure >handling. 802.3ad mode allows almost painless load reditribution, >balance-rr causes packet loss. >The only question for me now is if my patch could be applied to upstream >version - fixing issues with adaptftion to net-next code aren't the >problem, if nobody objects I've thought about this whole thing, and here's what I view as the proper way to do this. In my mind, this proposal is two separate pieces: First, a piece to make round-robin a selectable hash for xmit_hash_policy. The documentation for this should follow the pattern of the "layer3+4" hash policy, in particular noting that the new algorithm violates the 802.3ad standard in exciting ways, will result in out of order delivery, and that other 802.3ad implementations may or may not tolerate this. Second, a piece to make certain transmitted packets use the source MAC of the sending slave instead of the bond's MAC. This should be a separate option from the round-robin hash policy. I'd call it something like "mac_select" with two values: "default" (what we do now) and "slave_src_mac" to use the slave's real MAC for certain types of traffic (I'm open to better names; that's just what I came up with while writing this). I believe that "certain types" means "everything but ARP," but might be "only IP and IPv6." Structuring the option in this manner leaves the option open for additional selections in the future, which a simple "on/off" option wouldn't. This option should probably only affect a subset of modes; I'm thinking anything except balance-tlb or -alb (because they do funky MAC things already) and active-backup (it doesn't balance traffic, and already uses fail_over_mac to control this). I think this option also needs a whole new section down in the bottom explaining how to exploit it (the "pick special MACs on slaves to trick switch hash" business). Comments? -J --- -Jay Vosburgh, IBM Linux Technology Center, fubar@...ibm.com -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists