From: Nikolay Aleksandrov <razor@blackwall.org>
To: Ido Schimmel <idosch@nvidia.com>
Cc: petrm@nvidia.com, netdev@vger.kernel.org,
bridge@lists.linux-foundation.org, edumazet@google.com,
mlxsw@nvidia.com, roopa@nvidia.com, kuba@kernel.org,
pabeni@redhat.com, davem@davemloft.net
Subject: Re: [Bridge] [RFC PATCH net-next 00/13] vxlan: Add MDB support
Date: Tue, 7 Feb 2023 22:02:58 +0100 [thread overview]
Message-ID: <0a820f10-f10f-64b7-14ba-58d9337cbb69@blackwall.org> (raw)
In-Reply-To: <Y+IZEJSwNZLH2aXN@shredder>
On 2/7/23 11:25, Ido Schimmel wrote:
> On Tue, Feb 07, 2023 at 12:24:25AM +0100, Nikolay Aleksandrov wrote:
>> Hmm, while I agree that having the control plane in user-space is nice,
>> I do like having a relatively straight-forward and well maintained
>> protocol implementation in the kernel too, similar to its IGMPv3 client
>> support which doesn't need third party packages or external software
>> libraries to work. That being said, I do have (an unfinished) patch-set
>> that adds a bridge daemon to FRR, I think we can always add a knob to
>> switch to some more advanced user-space daemon which can snoop.
>>
>> Anyway to the point - this patch-set looks ok to me, from bridge PoV
>> it's mostly code shuffling, and the new vxlan code is fairly straight-
>> forward.
>
> Thanks for taking a look. I was hoping you would comment on this
> section... :)
>
:)
> After sending the RFC I realized that what I wrote about the user space
> implementation is not accurate. An AF_PACKET socket opened on the VXLAN
> device will only give you the decapsulated IGMP / MLD packets. You
> wouldn't know from which remote VTEP they arrived. However, my point
> still stands: As long as the kernel is not performing snooping we can
> defer the forming of the replication lists to user space and avoid the
> complexity of the "added_by_star_ex" entries (among many other things).
> If in the future we need to implement snooping in the kernel, then we
> will expose a new knob (e.g., "mcast_snooping", default off), which will
> also enable the "added_by_star_ex" entries.
>
Yep, I agree that it would be best for this case and we don't need the
extra complexity in the kernel. I was referring more to the standard
IGMPv3 implementation (both client and bridge).
> I tried looking what other implementations are doing and my impression
> is that by "VXLAN IGMP snooping" they all refer to the snooping done in
> the bridge driver. That is, instead of treating the VXLAN port as a
> router port, the bridge will only forward specific groups to the VXLAN
> port, but this multicast traffic will be forwarded to all the VTEPs.
> This is already supported by the kernel.
>
> Regarding what you wrote about a new knob in the bridge driver, you mean
> that this knob will enable MDB lookup regardless of "mcast_snooping"?
Yep, we can implement the snooping logic in user-space and use the
bridge only as a dataplane (that's what my bridge daemon in frr was
going to do for IGMPv3 and also explicit host tracking).
> Currently this knob enables both snooping and MDB lookup. Note that I
> didn't add a new knob to the VXLAN device because I figured that if user
> space doesn't want MDB lookup, then it will not configure MDB entries.
>
Yeah, of course. The set makes sense as it is since vxlan's logic would
be in user-space.
> Thanks!
prev parent reply other threads:[~2023-02-07 21:02 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-04 17:07 [Bridge] [RFC PATCH net-next 00/13] vxlan: Add MDB support Ido Schimmel
2023-02-04 17:07 ` [Bridge] [RFC PATCH net-next 01/13] bridge: mcast: Use correct define in MDB dump Ido Schimmel
2023-02-04 17:07 ` [Bridge] [RFC PATCH net-next 02/13] bridge: mcast: Remove pointless sequence generation counter assignment Ido Schimmel
2023-02-04 17:07 ` [Bridge] [RFC PATCH net-next 03/13] bridge: mcast: Move validation to a policy Ido Schimmel
2023-02-04 17:07 ` [Bridge] [RFC PATCH net-next 04/13] net: Add MDB net device operations Ido Schimmel
2023-02-04 17:07 ` [Bridge] [RFC PATCH net-next 05/13] bridge: mcast: Implement " Ido Schimmel
2023-02-04 17:07 ` [Bridge] [RFC PATCH net-next 06/13] rtnetlink: bridge: mcast: Move MDB handlers out of bridge driver Ido Schimmel
2023-02-04 17:07 ` [Bridge] [RFC PATCH net-next 07/13] rtnetlink: bridge: mcast: Relax group address validation in common code Ido Schimmel
2023-02-04 17:07 ` [Bridge] [RFC PATCH net-next 08/13] vxlan: Move address helpers to private headers Ido Schimmel
2023-02-04 17:07 ` [Bridge] [RFC PATCH net-next 09/13] vxlan: Expose vxlan_xmit_one() Ido Schimmel
2023-02-04 17:07 ` [Bridge] [RFC PATCH net-next 10/13] vxlan: mdb: Add MDB control path support Ido Schimmel
2023-02-04 17:07 ` [Bridge] [RFC PATCH net-next 11/13] vxlan: mdb: Add an internal flag to indicate MDB usage Ido Schimmel
2023-02-04 17:08 ` [Bridge] [RFC PATCH net-next 12/13] vxlan: Add MDB data path support Ido Schimmel
2023-02-04 17:08 ` [Bridge] [RFC PATCH net-next 13/13] vxlan: Enable MDB support Ido Schimmel
2023-02-06 23:24 ` [Bridge] [RFC PATCH net-next 00/13] vxlan: Add " Nikolay Aleksandrov
2023-02-07 9:25 ` Ido Schimmel
2023-02-07 21:02 ` Nikolay Aleksandrov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0a820f10-f10f-64b7-14ba-58d9337cbb69@blackwall.org \
--to=razor@blackwall.org \
--cc=bridge@lists.linux-foundation.org \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=idosch@nvidia.com \
--cc=kuba@kernel.org \
--cc=mlxsw@nvidia.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=petrm@nvidia.com \
--cc=roopa@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).