]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/commit
projects / mirror_ubuntu-jammy-kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cbbf09b) | patch
net: dsa: don't disable multicast flooding to the CPU even without an IGMP querier
authorVladimir Oltean <vladimir.oltean@nxp.com>
Fri, 6 Aug 2021 00:20:08 +0000 (03:20 +0300)
committerDavid S. Miller <davem@davemloft.net>
Fri, 6 Aug 2021 10:11:13 +0000 (11:11 +0100)
commitc73c57081b3d59aa99093fbedced32ea02620cd3
treeccde5e764d87abae9ede0f70c96206166d51be94tree
parentcbbf09b5771e6e9da268bc0d2fb6e428afa787bccommit | diff
net: dsa: don't disable multicast flooding to the CPU even without an IGMP querier

Commit 08cc83cc7fd8 ("net: dsa: add support for BRIDGE_MROUTER
attribute") added an option for users to turn off multicast flooding
towards the CPU if they turn off the IGMP querier on a bridge which
already has enslaved ports (echo 0 > /sys/class/net/br0/bridge/multicast_router).

And commit a8b659e7ff75 ("net: dsa: act as passthrough for bridge port flags")
simply papered over that issue, because it moved the decision to flood
the CPU with multicast (or not) from the DSA core down to individual drivers,
instead of taking a more radical position then.

The truth is that disabling multicast flooding to the CPU is simply
something we are not prepared to do now, if at all. Some reasons:

- ICMP6 neighbor solicitation messages are unregistered multicast
  packets as far as the bridge is concerned. So if we stop flooding
  multicast, the outside world cannot ping the bridge device's IPv6
  link-local address.

- There might be foreign interfaces bridged with our DSA switch ports
  (sending a packet towards the host does not necessarily equal
  termination, but maybe software forwarding). So if there is no one
  interested in that multicast traffic in the local network stack, that
  doesn't mean nobody is.

- PTP over L4 (IPv4, IPv6) is multicast, but is unregistered as far as
  the bridge is concerned. This should reach the CPU port.

- The switch driver might not do FDB partitioning. And since we don't
  even bother to do more fine-grained flood disabling (such as "disable
  flooding _from_port_N_ towards the CPU port" as opposed to "disable
  flooding _from_any_port_ towards the CPU port"), this breaks standalone
  ports, or even multiple bridges where one has an IGMP querier and one
  doesn't.

Reverting the logic makes all of the above work.

Fixes: a8b659e7ff75 ("net: dsa: act as passthrough for bridge port flags")
Fixes: 08cc83cc7fd8 ("net: dsa: add support for BRIDGE_MROUTER attribute")
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
drivers/net/dsa/b53/b53_common.c diff | blob | blame | history
drivers/net/dsa/b53/b53_priv.h diff | blob | blame | history
drivers/net/dsa/bcm_sf2.c diff | blob | blame | history
drivers/net/dsa/mv88e6xxx/chip.c diff | blob | blame | history
include/net/dsa.h diff | blob | blame | history
net/dsa/dsa_priv.h diff | blob | blame | history
net/dsa/port.c diff | blob | blame | history
net/dsa/slave.c diff | blob | blame | history
Ubuntu Jammy Linux kernel mirror