lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 9 Jul 2020 14:57:00 +0000
From:   ѽ҉ᶬḳ℠ <vtol@....net>
To:     netdev@...r.kernel.org
Cc:     Andrew Lunn <andrew@...n.ch>
Subject: Re: [DSA] L2 Forwarding Offload not working

On 09/07/2020 14:35, Andrew Lunn wrote:
>> Two questions if you do not mind:
>>
>> 1) does the above apply to all stable kernel releases or only => 5.4?
>> Because with 4.14 there are reports that dynamic addresses of clients
>> roaming from a switch port to an bridge port (upstream of the switch,
>> e.g. WLan AP provided by the router) facing time outs until the switch
>> retires (ages) the client's MAC.
> DSA has always worked like this.
>
> It does however very from switch to switch. When adding a new switch,
> the first version of the driver sometimes does not support offloading.
> All frames are forwarded to the software bridge, and the software
> bridge does all the work. Then the driver gets extended, to support
> the hardware doing the work. And the driver gets extended again to
> allow static FDB entries to be passed to the hardware. DSA drivers are
> not 'big bang'. It is not all or nothing. They gain features with
> time. So you need to look at the driver in your specific version of
> the kernel to see what it supports. And you might need to be careful
> with the OpenWRT kernel, see if they have backported features.
>
>> 2) The document
>> https://www.kernel.org/doc/Documentation/networking/switchdev.txt cites
>> (for static entries)
>>
>> bridge command will label these entries "offload"
>>
>> Is that still up-to-date or rather outdated from the earlier days of DSA?
> It should be true. But you need a reasonably recent iproute2 for this
> to be shown.
>
>     Andrew

The distro backported bridge from 5.7 (ip-bridge 5.7.0-1)

but the offload label does not show, which I would reckon does make
sense anyway for the DSA ports (or should it anyway?) but then attempted
to add a MAC to a WLan port (mPCIe to CPUl), e.g.

bridge fdb add MAC dev WLan_5G vlan 1 self

which printed

RTNETLINK answers: Invalid argument

and

bridge fdb add MAC dev WLan_5G self

which worked but does not show the offload label either, instead when
queried with bridge fdb exhibiting:

MAC dev WLan_5G self permanent

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ