mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-19 17:11:03 +00:00
3c71006d15
Currently, when non-default (custom) FIB rules are used, devices capable of layer 3 offloading flush their tables and let the kernel do the forwarding instead. When these devices' drivers are loaded they register to the FIB notification chain, which lets them know about the existence of any custom FIB rules. This is done by sending a RULE_ADD notification based on the value of 'net->ipv4.fib_has_custom_rules'. This approach is problematic when VRF offload is taken into account, as upon the creation of the first VRF netdev, a l3mdev rule is programmed to direct skbs to the VRF's table. Instead of merely reading the above value and sending a single RULE_ADD notification, we should iterate over all the FIB rules and send a detailed notification for each, thereby allowing offloading drivers to sanitize the rules they don't support and potentially flush their tables. While l3mdev rules are uniquely marked, the default rules are not. Therefore, when they are being notified they might invoke offloading drivers to unnecessarily flush their tables. Solve this by adding an helper to check if a FIB rule is a default rule. Namely, its selector should match all packets and its action should point to the local, main or default tables. As noted by David Ahern, uniquely marking the default rules is insufficient. When using VRFs, it's common to avoid false hits by moving the rule for the local table to just before the main table: Default configuration: $ ip rule show 0: from all lookup local 32766: from all lookup main 32767: from all lookup default Common configuration with VRFs: $ ip rule show 1000: from all lookup [l3mdev-table] 32765: from all lookup local 32766: from all lookup main 32767: from all lookup default Signed-off-by: Ido Schimmel <idosch@mellanox.com> Signed-off-by: Jiri Pirko <jiri@mellanox.com> Acked-by: David Ahern <dsa@cumulusnetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net> |
||
|---|---|---|
| .. | ||
| datagram.c | ||
| dev.c | ||
| dev_addr_lists.c | ||
| dev_ioctl.c | ||
| devlink.c | ||
| drop_monitor.c | ||
| dst.c | ||
| dst_cache.c | ||
| ethtool.c | ||
| fib_rules.c | ||
| filter.c | ||
| flow.c | ||
| flow_dissector.c | ||
| gen_estimator.c | ||
| gen_stats.c | ||
| gro_cells.c | ||
| hwbm.c | ||
| link_watch.c | ||
| lwt_bpf.c | ||
| lwtunnel.c | ||
| Makefile | ||
| neighbour.c | ||
| net-procfs.c | ||
| net-sysfs.c | ||
| net-sysfs.h | ||
| net-traces.c | ||
| net_namespace.c | ||
| netclassid_cgroup.c | ||
| netevent.c | ||
| netpoll.c | ||
| netprio_cgroup.c | ||
| pktgen.c | ||
| ptp_classifier.c | ||
| request_sock.c | ||
| rtnetlink.c | ||
| scm.c | ||
| secure_seq.c | ||
| skbuff.c | ||
| sock.c | ||
| sock_diag.c | ||
| sock_reuseport.c | ||
| stream.c | ||
| sysctl_net_core.c | ||
| timestamping.c | ||
| tso.c | ||
| utils.c | ||