Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp1533016ybe; Mon, 2 Sep 2019 23:14:35 -0700 (PDT) X-Google-Smtp-Source: APXvYqzwYYwkZtJ3T/BJp6+Vi3f0noA0GJysspiDgsYYuC7/d/d+tG/KMhoMSbQ/AX/Y3UTVWizB X-Received: by 2002:a17:90b:8c1:: with SMTP id ds1mr17177785pjb.114.1567491275875; Mon, 02 Sep 2019 23:14:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1567491275; cv=none; d=google.com; s=arc-20160816; b=s1KfbEfHiipp4+2bjIJ5trm7QvYmcXR5bItTXU37A+kxQ/kjHhd4yC3TpJNktAcOVr m6gUar/dpzmE1IjTMuTPtI+K44rUmY9WF4tAEWmj8khRECdR5QMNS4xFanIWGjdhnIlQ vw5VbycF/iSsBonF0i1dIgKQDZMECPFV9j2j9ZkGN2x6AqiXL0n+hlLtLC0bQd0RgRqI 8LCSJHzSZpWdYN90dvIc2DxQpGmp5/Ha/YZtZcxY+oltykr+o+9lAjw0nQ8OgoinlFZJ AzvCVOqkRC11Nzx39/uwFgeG7KUU8sIRLrGYgLvHJbkE53ynX9xDG9MGtT4SIndhuj/i sP2w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=WsBdGLPtmaM6MSH9coelJlBJ4FZ7Hzc7Dzf0YZFPgy4=; b=POiuQLYn4kYscYIenZNiIZoh5HgHpXcuXYMsShHWKiiWTV2jJ2DyNts/vWC/nem4co xdOxempFTlPGm4RwpHKqaE8/9QJjafcW4XQKnUUN1uYLsIS6rgWGYz1Gi0baINUJT3cN +Nvk28yte2qvcsXWWKQU3qTmvgFR6lofKGUBhL+6764lZIbM/cHPhr7Jg8KTfugPsW+1 osCsVL6Ga55iRdxkHLoSY0JfVnkVw8cSnr+64N3qT58E07Ozq5i7iv6u7aFHBNnEg1yV ZJv624Mrc2MTI5AeVpCVIiok8u7R9OPyWLf9AMDR3PffrfVe9zfNnjFCE+8373wNQMHP Q5bg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=wserly1B; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r1si14138746plb.293.2019.09.02.23.14.20; Mon, 02 Sep 2019 23:14:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=wserly1B; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726864AbfICGNb (ORCPT + 99 others); Tue, 3 Sep 2019 02:13:31 -0400 Received: from new4-smtp.messagingengine.com ([66.111.4.230]:32921 "EHLO new4-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725888AbfICGNa (ORCPT ); Tue, 3 Sep 2019 02:13:30 -0400 Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailnew.nyi.internal (Postfix) with ESMTP id B2E372ADE; Tue, 3 Sep 2019 02:13:29 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute3.internal (MEProxy); Tue, 03 Sep 2019 02:13:29 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=WsBdGL PtmaM6MSH9coelJlBJ4FZ7Hzc7Dzf0YZFPgy4=; b=wserly1Bhz0LmmcOl/brqN ybDGSCkwc6ymsOVBdkTDE8AQhl62rSZJtRgJd+ikVqCZpBVW+0wOtnlFb/EOPr0G ydGf2GZ4lx87S8klfNEn6s0Iq3/xNgaCW66HTh7tf6LYK2/oXzA/N8I59ojOLR8m pCxHjYZbutbAMmyq79m5zwhvda53SFWKu99i5jGr2tj8N77Nm8T4P6WhJSH/4UQq oq72qlDYlxWj+JPSjlR+ibt4+3pw1AWf+WPRdohmf6nN1kZs5UF2X8PmA+8qxaOA t6VpsD1M8lMZtuiVoJh3Q5t+DJM+pF2HAdyjlTPKZYjGEtqoLFnw6BIbpX61LZLw == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduvddrudejuddguddtgecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpeffhffvuffkfhggtggujggfsehttdertddtredvnecuhfhrohhmpefkugho ucfutghhihhmmhgvlhcuoehiughoshgthhesihguohhstghhrdhorhhgqeenucfkphepud elfedrgeejrdduieehrddvhedunecurfgrrhgrmhepmhgrihhlfhhrohhmpehiughoshgt hhesihguohhstghhrdhorhhgnecuvehluhhsthgvrhfuihiivgeptd X-ME-Proxy: Received: from localhost (unknown [193.47.165.251]) by mail.messagingengine.com (Postfix) with ESMTPA id A733C80060; Tue, 3 Sep 2019 02:13:26 -0400 (EDT) Date: Tue, 3 Sep 2019 09:13:24 +0300 From: Ido Schimmel To: "Allan W. Nielsen" Cc: Jiri Pirko , David Miller , andrew@lunn.ch, horatiu.vultur@microchip.com, alexandre.belloni@bootlin.com, UNGLinuxDriver@microchip.com, ivecera@redhat.com, f.fainelli@gmail.com, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v3 1/2] net: core: Notify on changes to dev->promiscuity. Message-ID: <20190903061324.GA6149@splinter> References: <20190829193613.GA23259@splinter> <20190829.151201.940681219080864052.davem@davemloft.net> <20190830053940.GL2312@nanopsycho> <20190829.230233.287975311556641534.davem@davemloft.net> <20190830063624.GN2312@nanopsycho> <20190902174229.uur7r7duq4dvbnqq@lx-anielsen.microsemi.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190902174229.uur7r7duq4dvbnqq@lx-anielsen.microsemi.net> User-Agent: Mutt/1.12.1 (2019-06-15) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Sep 02, 2019 at 07:42:31PM +0200, Allan W. Nielsen wrote: > I have been reading through this thread several times and I still do not get it. Allan, I kept thinking about this and I want to make sure that I correctly understand the end result. With these patches applied I assume I will see the following traffic when running tcpdump on one of the netdevs exposed by the ocelot driver: - Ingress: All - Egress: Only locally generated traffic and traffic forwarded by the kernel from interfaces not belonging to the ocelot driver The above means I will not see any offloaded traffic transmitted by the port. Is that correct? I see that the driver is setting 'offload_fwd_mark' for any traffic trapped from bridged ports, which means the bridge will drop it before it traverses the packet taps on egress. Large parts of the discussion revolve around the fact that switch ports are not any different than other ports. Dave wrote "Please stop portraying switches as special in this regard" and Andrew wrote "[The user] just wants tcpdump to work like on their desktop." But if anything, this discussion proves that switch ports are special in this regard and that tcpdump will not work like on the desktop. Beside the fact that I don't agree (but gave up) with the new interpretation of promisc mode, I wonder if we're not asking for trouble with this patchset. Users will see all offloaded traffic on ingress, but none of it on egress. This is in contrast to the sever/desktop, where Linux is much more dominant in comparison to switches (let alone hw accelerated ones) and where all the traffic is visible through tcpdump. I can already see myself having to explain this over and over again to confused users. Now, I understand that showing egress traffic is inherently difficult. It means one of two things: 1. We allow packets to be forwarded by both the software and the hardware 2. We trap all ingressing traffic from all the ports Both options can have devastating effects on the network and therefore should not be triggered by a supposedly innocent invocation of tcpdump. I again wonder if it would not be wiser to solve this by introducing two new flags to tcpdump for ingress/egress (similar to -Q in/out) capturing of offloaded traffic. The capturing of egress offloaded traffic can be documented with the appropriate warnings. Anyway, I don't want to hold you up, I merely want to make sure that the above (assuming it's correct) is considered before the patches are applied. Thanks