Received: by 2002:a05:6358:f14:b0:e5:3b68:ec04 with SMTP id b20csp4738978rwj;
        Tue, 20 Dec 2022 14:29:26 -0800 (PST)
X-Google-Smtp-Source: AA0mqf53WFNyHD4nmLfMjcRdSDqHr9t/M/xpHt81eT+JHYpNBFWirXCvR4dR/qfMvPIfWEqF5z1R
X-Received: by 2002:a17:906:a95:b0:7c0:f684:9092 with SMTP id y21-20020a1709060a9500b007c0f6849092mr35455371ejf.37.1671575366571;
        Tue, 20 Dec 2022 14:29:26 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1671575366; cv=none;
        d=google.com; s=arc-20160816;
        b=QtLwcDGvqo8UTN0K4J06ehwJ8YtfDsLqSvm4MytqjIj6Bbz77kK9+W9paxYqpfDFC1
         8uBUYQXZCg+bnJ6UWX/VV9hPC3bkQ5Gs73fYjGnasi9D/2ySNiQ1hAcDdBGrmAKG8HH9
         DsrmEzeXxaoBQpzf7iqnOPQnbFEyB9lgIy4k74PUNXw9GAZ9PVzqoh4JdhcJofpnhlxh
         ZBroE6aZJ033KB8wxJr6dz8V5o2geT8azolp4/9H9SdrLid3FJhqbZC3b+CmBiBhg80T
         ppM76IzUMoo0I6cUsCWngysG2xWYsLwfx/Pt51zgGunQtz7+yE1H9D81IJb3j7fvj5Nh
         N0FQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=zKdby5jz1dpXnJrBgCDeZHqY7CetYnf+rddUGWikGd8=;
        b=fIlM2EzM0JKTsNQeQwM9JmnwbDfhz2Y4l3iQfbLKAQozrD1+PA1RqC2VQ3H14tHGBq
         GZ2qD2uzuvVx9DrUT9BDPhBvPrJekuUjaFjwqL+RUf99fO4IOsSn47KqQpALwRIFdgHp
         WHNM2oOt/9D1D26b6+apPo7aF9e0HLkGClf1zLN0NsnMAfdnfmeouf2e9Mq7VLXcRE4T
         DU4EwmXf6B18fEmUNPuMFkcyq/v163dEa0lpDkkI5/BrGdpfaKJllGSeOjHPD6gisiJ7
         C/zepJe6AyBBP19oVAXNhucLmuG4BNmQC7qWGY4jQ3c7g0j0/Yuex2drOHv7RQBk1Tw+
         l/Zw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20210112 header.b=LtuYYUO4;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id sa26-20020a1709076d1a00b008318885e1ddsi4375435ejc.616.2022.12.20.14.29.10;
        Tue, 20 Dec 2022 14:29:26 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20210112 header.b=LtuYYUO4;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S233995AbiLTVsw (ORCPT <rfc822;4ak.abc@gmail.com> + 68 others);
        Tue, 20 Dec 2022 16:48:52 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55908 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229451AbiLTVsu (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 20 Dec 2022 16:48:50 -0500
Received: from mail-lj1-x234.google.com (mail-lj1-x234.google.com [IPv6:2a00:1450:4864:20::234])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 23EB1B867;
        Tue, 20 Dec 2022 13:48:50 -0800 (PST)
Received: by mail-lj1-x234.google.com with SMTP id v11so13774957ljk.12;
        Tue, 20 Dec 2022 13:48:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=zKdby5jz1dpXnJrBgCDeZHqY7CetYnf+rddUGWikGd8=;
        b=LtuYYUO4y4anNRiDR9VxdCz9svNTEEzoi2IJE7Pr+nOG55Vtu0ZImP/8W71R3G5n94
         6ozdzrhj7jctdQj2v4Ucy669R8l0R7/KczTwZApy/tPj9ZTA522l5zf5tcm8zBnKC54q
         2xIkgk1eLVV5cJ7x+nAGwO/T4GE15a7iVQR7ucjoc5bj4nwKJmUqlKvxBZSoGuv9Nezt
         11MLvkjgYLbs0pXj5DxXffqWFp6FzFRHdWmxseyR0VtbVBfq+/QyU7pbljX8Xb/dqfCv
         BhOCYdlQcT5lnoBdobE08OsEHvQkfZyxgaZMNDolTHTEDZoTJ+TF0X/Xim8TXz+5HUkd
         n6RQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=zKdby5jz1dpXnJrBgCDeZHqY7CetYnf+rddUGWikGd8=;
        b=jm5o7aJEs6qxjotVNjC9SoFHlDWyMH5tmmdJ8M54p0XkTy0KAUs4MMLs8bwG/tc08Q
         3F6gWCvYb7zgYF77ntB9vNqizLfzuT9uFEZbYNoz5i5hPEi54vrsaqDut/kwsaGQWH1p
         kTI877KDRwtvMjC3hScV2gZhSFFW5oqeh1xp3EUcVcDWdIpchEefcjGYhTEvTR+xdPkU
         q/N6hv5R2k1turPJS5lJ3rPj8tGcvpNi7Pg2YMKltnCjcpzk8O/GwZ2RGaqHVjqW/9y3
         tQxkQLzZkAj7MAGJq7yjhJPnhvs+bg42YTS6oGanXpbB6fm5stXuWtpdRk7lQxUJCk9R
         Elbg==
X-Gm-Message-State: ANoB5pkrWDfqqBPgB73SKMfl6C2ifHNQetz6g2GDnIkpD3Xf1ETsC5Z9
        0Ts9NWTat8TeJcBijtqaQzD2fT+oXjZMESGaPqs=
X-Received: by 2002:a2e:bc0b:0:b0:27b:5a9f:3bf5 with SMTP id
 b11-20020a2ebc0b000000b0027b5a9f3bf5mr1880153ljf.320.1671572928246; Tue, 20
 Dec 2022 13:48:48 -0800 (PST)
MIME-Version: 1.0
References: <20221218234801.579114-1-jmaxwell37@gmail.com> <9f145202ca6a59b48d4430ed26a7ab0fe4c5dfaf.camel@redhat.com>
In-Reply-To: <9f145202ca6a59b48d4430ed26a7ab0fe4c5dfaf.camel@redhat.com>
From:   Jonathan Maxwell <jmaxwell37@gmail.com>
Date:   Wed, 21 Dec 2022 08:48:11 +1100
Message-ID: <CAGHK07ALtLTjRP-XOepqoc8xzWcT8=0v5ccL-98f4+SU9vwfsg@mail.gmail.com>
Subject: Re: [net-next] ipv6: fix routing cache overflow for raw sockets
To:     Paolo Abeni <pabeni@redhat.com>
Cc:     davem@davemloft.net, edumazet@google.com, kuba@kernel.org,
        yoshfuji@linux-ipv6.org, dsahern@kernel.org,
        netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_ENVFROM_END_DIGIT,
        FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Dec 20, 2022 at 11:35 PM Paolo Abeni <pabeni@redhat.com> wrote:
>
> On Mon, 2022-12-19 at 10:48 +1100, Jon Maxwell wrote:
> > Sending Ipv6 packets in a loop via a raw socket triggers an issue where a
> > route is cloned by ip6_rt_cache_alloc() for each packet sent. This quickly
> > consumes the Ipv6 max_size threshold which defaults to 4096 resulting in
> > these warnings:
> >
> > [1]   99.187805] dst_alloc: 7728 callbacks suppressed
> > [2] Route cache is full: consider increasing sysctl net.ipv6.route.max_size.
> > .
> > .
> > [300] Route cache is full: consider increasing sysctl net.ipv6.route.max_size.
>
> If I read correctly, the maximum number of dst that the raw socket can
> use this way is limited by the number of packets it allows via the
> sndbuf limit, right?
>

Yes, but in my test sndbuf limit is never hit so it clones a route for
every packet.

e.g:

output from C program sending 5000000 packets via a raw socket.

ip raw: total num pkts 5000000

# bpftrace -e 'kprobe:dst_alloc {@count[comm] = count()}'
Attaching 1 probe...

@count[a.out]: 5000009

> Are other FLOWI_FLAG_KNOWN_NH users affected, too? e.g. nf_dup_ipv6,
> ipvs, seg6?
>

Any call to ip6_pol_route(s) where no res.nh->fib_nh_gw_family is 0 can do it.
But we have only seen this for raw sockets so far.

Regards

Jon

> @DavidA: why do we need to create RTF_CACHE clones for KNOWN_NH flows?
>
> Thanks,
>
> Paolo
>