lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <53938405-2ba4-558f-4f2e-b7fbca846636@gmail.com>
Date:   Sun, 20 Jun 2021 07:24:40 -0700
From:   Florian Fainelli <f.fainelli@...il.com>
To:     Vladimir Oltean <olteanv@...il.com>,
        Jakub Kicinski <kuba@...nel.org>,
        "David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org
Cc:     Andrew Lunn <andrew@...n.ch>,
        Vivien Didelot <vivien.didelot@...il.com>,
        Vladimir Oltean <vladimir.oltean@....com>
Subject: Re: [PATCH net-next 3/6] net: dsa: execute dsa_switch_mdb_add only
 for routing port in cross-chip topologies



On 6/18/2021 11:30 AM, Vladimir Oltean wrote:
> From: Vladimir Oltean <vladimir.oltean@....com>
> 
> Currently, the notifier for adding a multicast MAC address matches on
> the targeted port and on all DSA links in the system, be they upstream
> or downstream links.
> 
> This leads to a considerable amount of useless traffic.
> 
> Consider this daisy chain topology, and a MDB add notifier emitted on
> sw0p0. It matches on sw0p0, sw0p3, sw1p3 and sw2p4.
> 
>    sw0p0     sw0p1     sw0p2     sw0p3     sw0p4
> [  user ] [  user ] [  user ] [  dsa  ] [  cpu  ]
> [   x   ] [       ] [       ] [   x   ] [       ]
>                                   |
>                                   +---------+
>                                             |
>    sw1p0     sw1p1     sw1p2     sw1p3     sw1p4
> [  user ] [  user ] [  user ] [  dsa  ] [  dsa  ]
> [       ] [       ] [       ] [   x   ] [   x   ]
>                                   |
>                                   +---------+
>                                             |
>    sw2p0     sw2p1     sw2p2     sw2p3     sw2p4
> [  user ] [  user ] [  user ] [  user ] [  dsa  ]
> [       ] [       ] [       ] [       ] [   x   ]
> 
> But switch 0 has no reason to send the multicast traffic for that MAC
> address on sw0p3, which is how it reaches switches 1 and 2. Those
> switches don't expect, according to the user configuration, to receive
> this multicast address from switch 1, and they will drop it anyway,
> because the only valid destination is the port they received it on.
> They only need to configure themselves to deliver that multicast address
> _towards_ switch 1, where the MDB entry is installed.
> 
> Similarly, switch 1 should not send this multicast traffic towards
> sw1p3, because that is how it reaches switch 2.
> 
> With this change, the heat map for this MDB notifier changes as follows:
> 
>    sw0p0     sw0p1     sw0p2     sw0p3     sw0p4
> [  user ] [  user ] [  user ] [  dsa  ] [  cpu  ]
> [   x   ] [       ] [       ] [       ] [       ]
>                                   |
>                                   +---------+
>                                             |
>    sw1p0     sw1p1     sw1p2     sw1p3     sw1p4
> [  user ] [  user ] [  user ] [  dsa  ] [  dsa  ]
> [       ] [       ] [       ] [       ] [   x   ]
>                                   |
>                                   +---------+
>                                             |
>    sw2p0     sw2p1     sw2p2     sw2p3     sw2p4
> [  user ] [  user ] [  user ] [  user ] [  dsa  ]
> [       ] [       ] [       ] [       ] [   x   ]
> 
> Now the mdb notifier behaves the same as the fdb notifier.
> 
> Signed-off-by: Vladimir Oltean <vladimir.oltean@....com>

Reviewed-by: Florian Fainelli <f.fainelli@...il.com>
-- 
Florian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ