lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 11 Dec 2019 13:59:38 -0500
From:   Willem de Bruijn <>
To:     Aleksei Zakharov <>
Cc:     Network Development <>
Subject: Re: RPS arp processing

On Wed, Dec 11, 2019 at 10:34 AM Aleksei Zakharov
<> wrote:
> Hi, everyone
> Is it possible to balance ARP across CPUs with RPS?
> I don't clearly understand how hash is calulated for ARP packets, but it seems that it should consider source and target IPs.

The hash is derived by flow dissection:


This calls __skb_flow_dissector with the flow_keys_dissector
dissection program, which is initialized in
init_default_flow_dissectors from flow_keys_dissector_keys.

That program incorporates IPV4_ADDRS and IPV6_ADDRS. But that does not
apply to ARP packets. Contrast case ETH_P_IPV6 with case ETH_P_ARP in

The flow dissector calls __skb_flow_dissect_arp() for deeper
dissection, from which you could extract entropy for RPS. But the
flow_keys_dissector program does not have FLOW_DISSECTOR_KEY_ARP

> In our current setup we have one l2 segment between external hardware routers and namespaces on linux server.
> When router sends ARP request, it is passed through server's physical port, then via openvswitch bridge it is copied to every namespace.
> We've found that all ARPs (for different destination ips and few source ips) are processed on one CPU inside namespaces. We use RPS, and most packets are balanced between all CPUs.

I suggest looking at the newer BPF flow dissector, which allows tuning
dissection to specific use cases, like yours.

> Kernel 4.15.0-65 from ubuntu 18.04.
> Might this issue be related to namespaces somehow?
> --
> Regards,
> Aleksei Zakharov

Powered by blists - more mailing lists