lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Thu, 12 Dec 2019 01:08:05 +0300
From:   Aleksei Zakharov <>
To:     Willem de Bruijn <>
Cc:     Network Development <>
Subject: Re: RPS arp processing

11.12.2019, 22:00, "Willem de Bruijn" <>:
> On Wed, Dec 11, 2019 at 10:34 AM Aleksei Zakharov
> <> wrote:
>>  Hi, everyone
>>  Is it possible to balance ARP across CPUs with RPS?
>>  I don't clearly understand how hash is calulated for ARP packets, but it seems that it should consider source and target IPs.
> The hash is derived by flow dissection:
>     get_rps_cpus
>       ___skb_get_hash
>           skb_flow_dissect_flow_keys
> This calls __skb_flow_dissector with the flow_keys_dissector
> dissection program, which is initialized in
> init_default_flow_dissectors from flow_keys_dissector_keys.
> That program incorporates IPV4_ADDRS and IPV6_ADDRS. But that does not
> apply to ARP packets. Contrast case ETH_P_IPV6 with case ETH_P_ARP in
> __skb_flow_dissect.
> The flow dissector calls __skb_flow_dissect_arp() for deeper
> dissection, from which you could extract entropy for RPS. But the
> flow_keys_dissector program does not have FLOW_DISSECTOR_KEY_ARP
> enabled.
Thank you very much for the explanation!

>>  In our current setup we have one l2 segment between external hardware routers and namespaces on linux server.
>>  When router sends ARP request, it is passed through server's physical port, then via openvswitch bridge it is copied to every namespace.
>>  We've found that all ARPs (for different destination ips and few source ips) are processed on one CPU inside namespaces. We use RPS, and most packets are balanced between all CPUs.
> I suggest looking at the newer BPF flow dissector, which allows tuning
> dissection to specific use cases, like yours.
Thanks, I'll take a look at bpf dissector.

>>  Kernel 4.15.0-65 from ubuntu 18.04.
>>  Might this issue be related to namespaces somehow?
>>  --
>>  Regards,
>>  Aleksei Zakharov

Aleksei Zakharov

Powered by blists - more mailing lists