neighbour: guarantee the localhost connections be established successfully even the ARP table is full

Message ID 20240416095343.540-1-lizheng043@gmail.com (mailing list archive)
State Accepted
Commit eabf425bc6ad32fa49cfb35c7bc59db07dfdd36e
Delegated to: Netdev Maintainers

Checks

Context Check Description
netdev/series_format warning Single patches do not need cover letters; Target tree name not specified in the subject
netdev/tree_selection success Guessed tree name to be net-next
netdev/ynl success Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present success Fixes tag not required for -next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 930 this patch: 930
netdev/build_tools success No tools touched, skip
netdev/cc_maintainers warning 1 maintainers not CCed: dsahern@kernel.org
netdev/build_clang success Errors and warnings before: 938 this patch: 938
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 941 this patch: 941
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 10 lines checked
netdev/build_clang_rust success No Rust files in patch. Skipping build
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0
netdev/contest success net-next-2024-04-18--00-00 (tests: 961)

Commit Message

Zheng Li April 16, 2024, 9:53 a.m. UTC
From: Zheng Li <James.Z.Li@Dell.com>

Inter-process communication on localhost should be established successfully
even when the ARP table is full. Many processes on a server machine use
localhost to communicate, such as the command-line interface (CLI), and
servers hope all CLI commands can be executed successfully even when the ARP
table is full. Right now CLI commands time out when the ARP table is
full. Set the exempt_from_gc parameter to true for the LOOPBACK net
device to keep the localhost neigh in the ARP table, not removed by gc.

Steps to reproduce:
On a server with the "gc_thresh3 = 1024" setting, ping the server from more
than 1024 LAN IPv4 addresses with the same netmask, run "ssh localhost" on the
console interface, and the command will time out.

Signed-off-by: Zheng Li <James.Z.Li@Dell.com>
---
 net/core/neighbour.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Comments

Eric Dumazet April 16, 2024, 10:02 a.m. UTC | #1
On Tue, Apr 16, 2024 at 11:54 AM Zheng Li <lizheng043@gmail.com> wrote:
>
> From: Zheng Li <James.Z.Li@Dell.com>
>
> Inter-process communication on localhost should be established successfully
> even the ARP table is full, many processes on server machine use the
> localhost to communicate such as command-line interface (CLI),
> servers hope all CLI commands can be executed successfully even the arp
> table is full. Right now CLI commands got timeout when the arp table is
> full. Set the parameter of exempt_from_gc to be true for LOOPBACK net
> device to keep localhost neigh in arp table, not removed by gc.
>
> the steps of reproduced:
> server with "gc_thresh3 = 1024" setting, ping server from more than 1024
> same netmask Lan IPv4 addresses, run "ssh localhost" on console interface,
> then the command will get timeout.
>
> Signed-off-by: Zheng Li <James.Z.Li@Dell.com>
> ---
>  net/core/neighbour.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/net/core/neighbour.c b/net/core/neighbour.c
> index 552719c3bbc3..47d07b122f7a 100644
> --- a/net/core/neighbour.c
> +++ b/net/core/neighbour.c
> @@ -734,7 +734,9 @@ ___neigh_create(struct neigh_table *tbl, const void *pkey,
>  struct neighbour *__neigh_create(struct neigh_table *tbl, const void *pkey,
>                                  struct net_device *dev, bool want_ref)
>  {
> -       return ___neigh_create(tbl, pkey, dev, 0, false, want_ref);
> +       bool exempt_from_gc = !!(dev->flags & IFF_LOOPBACK);
> +
> +       return ___neigh_create(tbl, pkey, dev, 0, exempt_from_gc, want_ref);
>  }
>  EXPORT_SYMBOL(__neigh_create);
>
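
Review bot: in __neigh_create() the new dev->flags & IFF_LOOPBACK test does not look at tbl, so the gc exemption applies to every neighbour table whose entries are created through this function, while the commit message only argues the ARP case. Either state in the changelog that the exemption is intended for all tables, or explain why loopback entries in the other tables are equally bounded.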

Hmmm...

Loopback IPv4 can hold 2^24 different addresses, that is 16384 * 1024

Li, James Zheng April 16, 2024, 10:36 a.m. UTC | #2
Internal Use - Confidential
-----Original Message-----
From: Eric Dumazet <edumazet@google.com>
Sent: Tuesday, April 16, 2024 6:02 PM
To: Zheng Li <lizheng043@gmail.com>
Cc: netdev@vger.kernel.org; bpf@vger.kernel.org; davem@davemloft.net; jmorris@namei.org; pabeni@redhat.com; kuba@kernel.org; Li, James Zheng <James.Z.Li@Dell.com>
Subject: Re: [PATCH] neighbour: guarantee the localhost connections be established successfully even the ARP table is full


[EXTERNAL EMAIL]

On Tue, Apr 16, 2024 at 11:54 AM Zheng Li <lizheng043@gmail.com> wrote:
>
> From: Zheng Li <James.Z.Li@Dell.com>
>
> Inter-process communication on localhost should be established
> successfully even the ARP table is full, many processes on server
> machine use the localhost to communicate such as command-line
> interface (CLI), servers hope all CLI commands can be executed
> successfully even the arp table is full. Right now CLI commands got
> timeout when the arp table is full. Set the parameter of
> exempt_from_gc to be true for LOOPBACK net device to keep localhost neigh in arp table, not removed by gc.
>
> the steps of reproduced:
> server with "gc_thresh3 = 1024" setting, ping server from more than
> 1024 same netmask Lan IPv4 addresses, run "ssh localhost" on console
> interface, then the command will get timeout.
>
> Signed-off-by: Zheng Li <James.Z.Li@Dell.com>
> ---
>  net/core/neighbour.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/net/core/neighbour.c b/net/core/neighbour.c index
> 552719c3bbc3..47d07b122f7a 100644
> --- a/net/core/neighbour.c
> +++ b/net/core/neighbour.c
> @@ -734,7 +734,9 @@ ___neigh_create(struct neigh_table *tbl, const
> void *pkey,  struct neighbour *__neigh_create(struct neigh_table *tbl, const void *pkey,
>                                  struct net_device *dev, bool
> want_ref)  {
> -       return ___neigh_create(tbl, pkey, dev, 0, false, want_ref);
> +       bool exempt_from_gc = !!(dev->flags & IFF_LOOPBACK);
> +
> +       return ___neigh_create(tbl, pkey, dev, 0, exempt_from_gc,
> + want_ref);
>  }
>  EXPORT_SYMBOL(__neigh_create);
>
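
Review bot: the exempt_from_gc assignment carries no comment saying why loopback entries are safe to exempt, and nothing in __neigh_create() shows how many such entries can exist. A short comment above that line stating the bound the change relies on would let the next reader see that the exemption cannot grow the table without limit.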

> Hmmm...

> Loopback IPv4 can hold 2^24 different addresses, that is 16384 * 1024

There is only one Loopback neigh "0.0.0.0 dev lo lladdr 00:00:00:00:00:00 NOARP" existing even you have configured 2^24 different addresses on the loopback device.

Paolo Abeni April 18, 2024, 9:33 a.m. UTC | #3
On Tue, 2024-04-16 at 10:36 +0000, Li, James Zheng wrote:
> On Tuesday, April 16, 2024 6:02 PM Eric Dumazet <edumazet@google.com> wrote:
> > Hmmm...
> 
> > Loopback IPv4 can hold 2^24 different addresses, that is 16384 * 1024
> 
> There is only one Loopback neigh "0.0.0.0 dev lo lladdr 00:00:00:00:00:00 NOARP"
> existing even you have configured 2^24 different addresses on the loopback device.

Eric, I think James is right, in __ipv4_neigh_lookup_noref():

	if (dev->flags & (IFF_LOOPBACK | IFF_POINTOPOINT))
		key = INADDR_ANY;

	return ___neigh_lookup_noref(&arp_tbl, neigh_key_eq32, arp_hashfn, &key, dev);

So there should be at most one neigh entry over the loopback device.
The patch looks safe to me, am I missing something?

Thanks,

Paolo
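
The argument in the message above, as a small user-space model (an added example, not code from the thread or the kernel): because loopback lookups collapse to the single key INADDR_ANY, exempting loopback entries adds at most one entry however many 127.0.0.0/8 addresses are used. The table layout, the GC_THRESH3 value of 4, the helper names and the rule that exempt entries skip the threshold check are assumptions of the model.

```c
/* User-space model of the thread's argument; added example, not kernel code. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#define IFF_LOOPBACK    0x8
#define IFF_POINTOPOINT 0x10
#define INADDR_ANY      0u
#define GC_THRESH3      4   /* constructed: tiny limit instead of 1024 */

struct dev { int ifindex; unsigned int flags; };
struct neigh { uint32_t key; int ifindex; };
struct table { struct neigh e[16]; int n, gc_entries; };   /* 16 model slots */

/* True if the entry exists or was created, false on table overflow. */
static bool neigh_get(struct table *t, const struct dev *d, uint32_t key, bool patched)
{
    bool exempt_from_gc = patched && (d->flags & IFF_LOOPBACK);
    if (d->flags & (IFF_LOOPBACK | IFF_POINTOPOINT))
        key = INADDR_ANY;       /* key collapse quoted in the thread */
    for (int i = 0; i < t->n; i++)
        if (t->e[i].key == key && t->e[i].ifindex == d->ifindex)
            return true;
    /* Assumption: all counted entries are in use, so gc can free nothing. */
    if (t->n == 16 || (!exempt_from_gc && t->gc_entries >= GC_THRESH3))
        return false;
    t->gc_entries += !exempt_from_gc;
    t->e[t->n++] = (struct neigh){ key, d->ifindex };
    return true;
}

/* Fill from a LAN device, then look up n_lo loopback addresses; returns the
 * number of loopback entries, or -1 if a loopback lookup failed. */
static int flood_then_loopback(bool patched, int n_lo)
{
    struct table t = { .n = 0 };
    struct dev lo = { 1, IFF_LOOPBACK }, eth = { 2, 0 };
    int count = 0;
    for (int a = 1; a <= GC_THRESH3 + 2; a++)   /* 10.0.0.1 ... fills the table */
        neigh_get(&t, &eth, 0x0a000000u + (uint32_t)a, patched);
    for (int i = 0; i < n_lo; i++)              /* 127.0.0.1, 127.0.0.2, ... */
        if (!neigh_get(&t, &lo, 0x7f000001u + (uint32_t)i, patched))
            return -1;
    for (int i = 0; i < t.n; i++)
        count += t.e[i].ifindex == lo.ifindex;
    return count;
}

int main(void)
{
    printf("unpatched: %d\n", flood_then_loopback(false, 1000));
    printf("patched:   %d\n", flood_then_loopback(true, 1000));
    return 0;
}
```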

Eric Dumazet April 18, 2024, 9:45 a.m. UTC | #4
On Thu, Apr 18, 2024 at 11:33 AM Paolo Abeni <pabeni@redhat.com> wrote:
>
> On Tue, 2024-04-16 at 10:36 +0000, Li, James Zheng wrote:
> > On Tuesday, April 16, 2024 6:02 PM Eric Dumazet <edumazet@google.com> wrote:
> > > Hmmm...
> >
> > > Loopback IPv4 can hold 2^24 different addresses, that is 16384 * 1024
> >
> > There is only one Loopback neigh "0.0.0.0 dev lo lladdr 00:00:00:00:00:00 NOARP"
> > existing even you have configured 2^24 different addresses on the loopback device.
>
> Eric, I think James is right, in __ipv4_neigh_lookup_noref():
>
>         if (dev->flags & (IFF_LOOPBACK | IFF_POINTOPOINT))
>                 key = INADDR_ANY;
>
>         return ___neigh_lookup_noref(&arp_tbl, neigh_key_eq32, arp_hashfn, &key, dev);
>
> So there should be at most one neigh entry over the loopback device.
> The patch looks safe to me, am I missing something?

This seems fine, thanks.

It is unfortunate ip command does not seem to display these
neighbours, for some reason.

(I am about to send a series of three patches to remove RTNL from "ip
neighbour show")

Reviewed-by: Eric Dumazet <edumazet@google.com>

patchwork-bot+netdevbpf@kernel.org April 18, 2024, 10:20 a.m. UTC | #5
Hello:

This patch was applied to netdev/net-next.git (main)
by Paolo Abeni <pabeni@redhat.com>:

On Tue, 16 Apr 2024 17:53:43 +0800 you wrote:
> From: Zheng Li <James.Z.Li@Dell.com>
> 
> Inter-process communication on localhost should be established successfully
> even the ARP table is full, many processes on server machine use the
> localhost to communicate such as command-line interface (CLI),
> servers hope all CLI commands can be executed successfully even the arp
> table is full. Right now CLI commands got timeout when the arp table is
> full. Set the parameter of exempt_from_gc to be true for LOOPBACK net
> device to keep localhost neigh in arp table, not removed by gc.
> 
> [...]

Here is the summary with links:
  - neighbour: guarantee the localhost connections be established successfully even the ARP table is full
    https://git.kernel.org/netdev/net-next/c/eabf425bc6ad

You are awesome, thank you!

Patch

diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 552719c3bbc3..47d07b122f7a 100644
--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -734,7 +734,9 @@  ___neigh_create(struct neigh_table *tbl, const void *pkey,
 struct neighbour *__neigh_create(struct neigh_table *tbl, const void *pkey,
 				 struct net_device *dev, bool want_ref)
 {
-	return ___neigh_create(tbl, pkey, dev, 0, false, want_ref);
+	bool exempt_from_gc = !!(dev->flags & IFF_LOOPBACK);
+
+	return ___neigh_create(tbl, pkey, dev, 0, exempt_from_gc, want_ref);
 }
 EXPORT_SYMBOL(__neigh_create);
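
Review bot: no test accompanies the change to __neigh_create(), and the check list on this page records that the series adds no net selftest. The reproduction in the commit message (gc_thresh3 = 1024, more than 1024 neighbours on the same subnet, then a localhost connection) is concrete enough to script as a selftest with a lowered gc_thresh3, which would guard the loopback exemption against regressions.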