Merge branch 'bridge-non-promisc'
Vlad Yasevich says:
====================
bridge: Non-promisc bridge ports support
This series adds functionality to the bridge device to enable
operations without setting all ports to promiscuous mode.
The basic concept is this. The bridge keeps track of the ports
that support learning and flooding packets to unknown destinations.
We call these ports auto-discovery ports since they automatically
discover who is behind them through learning and flooding.
If flooding and learning are disabled via flags, then the port
requires static configuration to tell it which mac addresses
are behind it. This is accomplished through adding of fdbs.
These fdbs should be static as dynamic fdbs can expire and systems
will become unreachable due to lack of flooding.
If the user marks all ports as needing static configuration then
we can safely make them non-promiscuous since we will know all the
information about them.
If the user leaves only 1 port as automatic, then we can mark
that port as not-promiscuous as well. One could think of
this a edge relay similar to what's support by embedded switches
in SRIOV devices. Since we have all the information about the
other ports, we can just program the mac addresses into the
single automatic port to receive all necessary traffic.
More information about this is patch 6.
In other cases, we keep all ports promiscuous as before.
There are some other cases when promiscuous mode has to be turned
back on. One is when the bridge itself if placed in promiscuous
mode (user sets promisc flag). The other is if vlan filtering is
turned off. Since this is the default configuration, the default
bridge operation is not changed.
Changes since v2:
- White space and spelling fixes from Michael Tsirkin
- Squash patches 6, 7 and 8 to prevent bisect breakage.
Changes since v1:
- Address issues rasied by Stephen Heminger
- Address initializer comments raised by Sergey Shtylyov
- Rebased recent net-next.
Changes since rfc v2:
- Better description of in the commit logs
- Leave port in promiscuous mode if IFF_UNICAST_FLT is disabled on the
device.
- Fix issue with flag masking
- Rework patch ordering a bit.
Changes since rfc v1:
- Removed private list. We now traverse the fdb hashtable itself
to write necessary addresses to the ports (Stephen's concern)
- Add learning flag to the mask for flags that decides if the port
is 'auto' or not (suggest by MST and Jamal).
- Simplified tracking of such ports at the cost of a loop over all
ports (suggested by MST)
I've played with quite a large number of ports and the current approach
seems to work fairly well.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Showing
Please register or sign in to comment