lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <54E8CE77.3050709@cumulusnetworks.com> Date: Sat, 21 Feb 2015 10:29:11 -0800 From: roopa <roopa@...ulusnetworks.com> To: Viswanath Bandaru <vbandaru@...adcom.com> CC: Florian Fainelli <f.fainelli@...il.com>, "sfeldma@...il.com" <sfeldma@...il.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "jiri@...nulli.us" <jiri@...nulli.us>, "linux@...ck-us.net" <linux@...ck-us.net>, "andrew@...n.ch" <andrew@...n.ch>, "gospo@...ulusnetworks.com" <gospo@...ulusnetworks.com>, "siva.mannem.lnx@...il.com" <siva.mannem.lnx@...il.com> Subject: Re: [PATCH net-next RFC 0/5] Add NTF_EXT_AGED to control FDB ageing in SW or HW On 2/20/15, 4:20 PM, Viswanath Bandaru wrote: >> -----Original Message----- >> From: Florian Fainelli [mailto:f.fainelli@...il.com] >> Sent: Saturday, February 21, 2015 12:44 AM >> To: roopa; sfeldma@...il.com >> Cc: netdev@...r.kernel.org; jiri@...nulli.us; linux@...ck-us.net; >> andrew@...n.ch; gospo@...ulusnetworks.com; Viswanath Bandaru; >> siva.mannem.lnx@...il.com >> Subject: Re: [PATCH net-next RFC 0/5] Add NTF_EXT_AGED to control FDB >> ageing in SW or HW >> >> On 20/02/15 09:29, roopa wrote: >>> On 2/19/15, 11:09 PM, sfeldma@...il.com wrote: >>>> From: Scott Feldman <sfeldma@...il.com> >>>> >>>> Add a new NTF_EXT_FLAG to mark an FDB as externally aged, for example >> by >>>> offload hardware. Switchdev driver/devices can set this flag when >>>> learning a >>>> new FDB entry and SW (the bridge driver) will skip this entry when >>>> running its ageing task. If flag is set, the driver/device is >>>> responsible for calling >>>> call_netdev_switch_notifiers(NETDEV_SWITCH_FDB_DEL, ...) when entry >>>> expires. >>>> >>>> This give the flexibility for driver/device to decide ageing policy >>>> based on its capabilities. For devices managing many FDB entries, it >>>> is desireable for the device to aged out its own entries. Devices >>>> not capable of aged entries can rely of SW to age out the entries. >>>> >>> scott, patches look good. However, I am not sure yet if there is a >>> need to make it a per fdb entry flag. >> I agree, in fact, most of the HW I have access to only has a global age timer >> configuration knob. Is this configurable on a per-port basis for higher end >> switches, or even maybe per-FDB entry? >> > The decision to age an entry is on a per-FDB entry, So if the flag is not available in the fdb-entry, then it has to be obtained from associated netdev. I think the per-FDB may be more convenient than keeping it on netdev. I was not saying netdev, but the bridge could have it...something like the below: diff --git a/net/bridge/br_fdb.c b/net/bridge/br_fdb.c index e0670d7..1815924 100644 --- a/net/bridge/br_fdb.c +++ b/net/bridge/br_fdb.c @@ -280,7 +280,8 @@ void br_fdb_cleanup(unsigned long _data) hlist_for_each_entry_safe(f, n, &br->hash[i], hlist) { unsigned long this_timer; - if (f->is_static) + if (f->is_static || (f->added_by_external_learn && + br->hw_aging_enabled)) continue; this_timer = f->updated + delay; if (time_before_eq(this_timer, jiffies)) diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h index de09199..68bfb4b 100644 --- a/net/bridge/br_private.h +++ b/net/bridge/br_private.h @@ -246,6 +246,7 @@ struct net_bridge unsigned char topology_change; unsigned char topology_change_detected; + unsigned char hw_aging_enabled; #ifdef CONFIG_BRIDGE_IGMP_SNOOPING unsigned char multicast_router; I have no objections to the current patchset (they clearly fix the problem). I was only wondering if the notion of aging can continue to stay in the bridge and not be carried into every fdb entry. which seems cleaner to me. > >>> At some point we will also need the hw ageing parameter to be >> configurable. >>> So other approach could be, >>> - ageing parameter on bridge gets offloaded the hw > Like everybody said, the ageing is really the switch's property. If there are two bridges with ports from same switching device, it becomes tricky to configure ageing time on the switch. ( I think this is what you may be referring to be saying it needs more thought). Regarding the two bridges with ports from the same switching device, I think the switch driver should handle that. Maybe min value etc as discussed further in this thread. Today given that most people are going to use the vlan filtering bridge and most likely prefer having a single vlan filtering bridge represent their swicth (we do in most cases), I see this being a non critical problem to solve. Thanks, Roopa -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists