[net-next,6/8] vxlan: Age out FDB entries based on 'updated' time

Message ID: 20250204145549.1216254-7-idosch@nvidia.com
State: New
Delegated to: Netdev Maintainers
Series: vxlan: Age FDB entries based on Rx traffic

Checks

Context                         Check    Description
netdev/series_format            success  Posting correctly formatted
netdev/tree_selection           success  Clearly marked for net-next
netdev/ynl                      success  Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present            success  Fixes tag not required for -next series
netdev/header_inline            success  No static functions without inline keyword in header files
netdev/build_32bit              success  Errors and warnings before: 0 this patch: 0
netdev/build_tools              success  No tools touched, skip
netdev/cc_maintainers           success  CCed 7 of 7 maintainers
netdev/build_clang              success  Errors and warnings before: 2 this patch: 2
netdev/verify_signedoff         success  Signed-off-by tag matches author and committer
netdev/deprecated_api           success  None detected
netdev/check_selftest           success  No net selftest shell script
netdev/verify_fixes             success  No Fixes tag
netdev/build_allmodconfig_warn  success  Errors and warnings before: 1 this patch: 1
netdev/checkpatch               warning  WARNING: line length of 87 exceeds 80 columns
netdev/build_clang_rust         success  No Rust files in patch. Skipping build
netdev/kdoc                     success  Errors and warnings before: 0 this patch: 0
netdev/source_inline            success  Was 0 now: 0
netdev/contest                  success  net-next-2025-02-05--00-00 (tests: 886)

Commit Message

Ido Schimmel Feb. 4, 2025, 2:55 p.m. UTC
Currently, the VXLAN driver ages out FDB entries based on their 'used'
time which is refreshed by both the Tx and Rx paths. This means that an
FDB entry will not age out if traffic is only forwarded to the target
host:

 # ip link add name vx1 up type vxlan id 10010 local 192.0.2.1 dstport 4789 learning ageing 10
 # bridge fdb add 00:11:22:33:44:55 dev vx1 self dynamic dst 198.51.100.1
 # bridge fdb get 00:11:22:33:44:55 br vx1 self
 00:11:22:33:44:55 dev vx1 dst 198.51.100.1 self
 # mausezahn vx1 -a own -b 00:11:22:33:44:55 -c 0 -p 100 -q &
 # sleep 20
 # bridge fdb get 00:11:22:33:44:55 br vx1 self
 00:11:22:33:44:55 dev vx1 dst 198.51.100.1 self

This is wrong as an FDB entry will remain present when we no longer have
an indication that the host is still behind the current remote. It is
also inconsistent with the bridge driver:

 # ip link add name br1 up type bridge ageing_time $((10 * 100))
 # ip link add name swp1 up master br1 type dummy
 # bridge fdb add 00:11:22:33:44:55 dev swp1 master dynamic
 # bridge fdb get 00:11:22:33:44:55 br br1
 00:11:22:33:44:55 dev swp1 master br1
 # mausezahn br1 -a own -b 00:11:22:33:44:55 -c 0 -p 100 -q &
 # sleep 20
 # bridge fdb get 00:11:22:33:44:55 br br1
 Error: Fdb entry not found.

Solve this by aging out entries based on their 'updated' time, which is
not refreshed by the Tx path:

 # ip link add name vx1 up type vxlan id 10010 local 192.0.2.1 dstport 4789 learning ageing 10
 # bridge fdb add 00:11:22:33:44:55 dev vx1 self dynamic dst 198.51.100.1
 # bridge fdb get 00:11:22:33:44:55 br vx1 self
 00:11:22:33:44:55 dev vx1 dst 198.51.100.1 self
 # mausezahn vx1 -a own -b 00:11:22:33:44:55 -c 0 -p 100 -q &
 # sleep 20
 # bridge fdb get 00:11:22:33:44:55 br vx1 self
 Error: Fdb entry not found.

But is refreshed by the Rx path:

 # ip address add 192.0.2.1/32 dev lo
 # ip link add name vx1 up type vxlan id 10010 local 192.0.2.1 dstport 4789 localbypass
 # ip link add name vx2 up type vxlan id 20010 local 192.0.2.1 dstport 4789 learning ageing 10
 # bridge fdb add 00:11:22:33:44:55 dev vx1 self static dst 127.0.0.1 vni 20010
 # mausezahn vx1 -a 00:aa:bb:cc:dd:ee -b 00:11:22:33:44:55 -c 0 -p 100 -q &
 # sleep 20
 # bridge fdb get 00:aa:bb:cc:dd:ee br vx2 self
 00:aa:bb:cc:dd:ee dev vx2 dst 127.0.0.1 self
 # pkill mausezahn
 # sleep 20
 # bridge fdb get 00:aa:bb:cc:dd:ee br vx2 self
 Error: Fdb entry not found.

Reviewed-by: Petr Machata <petrm@nvidia.com>
Signed-off-by: Ido Schimmel <idosch@nvidia.com>
---
 drivers/net/vxlan/vxlan_core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
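
The ageing rule this commit message describes, as an added user-space model (not code from the patch or the VXLAN driver). All names are hypothetical; it assumes one packet per tick, with 'used' refreshed by Tx and Rx and 'updated' refreshed by Rx only, as the message states.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Toy user-space model (hypothetical names): jiffies is advanced by hand. */
#define HZ 100UL
static unsigned long jiffies;

/* Wrap-safe "a <= b", the same idea as the kernel's time_before_eq(). */
static bool time_before_eq_model(unsigned long a, unsigned long b)
{
	return (long)(a - b) <= 0;
}

struct fdb_model {
	unsigned long used;    /* refreshed by Tx and Rx, per the commit message */
	unsigned long updated; /* refreshed by Rx only */
};

enum traffic { TRAFFIC_NONE, TRAFFIC_TX, TRAFFIC_RX };

/*
 * Create an entry at tick `start`, run `secs` seconds of one kind of traffic
 * (one packet per tick), then apply the cleanup check with `age` seconds of
 * ageing, keyed on 'updated' (after the patch) or 'used' (before it).
 */
static bool aged_out(enum traffic kind, unsigned long start, unsigned int secs,
		     unsigned long age, bool by_updated)
{
	struct fdb_model f = { .used = start, .updated = start };
	jiffies = start;
	for (unsigned long i = 0; i < secs * HZ; i++) {
		jiffies++;
		if (kind != TRAFFIC_NONE)
			f.used = jiffies;
		if (kind == TRAFFIC_RX)
			f.updated = jiffies;
	}
	unsigned long stamp = by_updated ? f.updated : f.used;
	return time_before_eq_model(stamp + age * HZ, jiffies);
}

int main(void)
{
	printf("Tx only, keyed on used:    aged out = %d\n", aged_out(TRAFFIC_TX, 0, 20, 10, false));
	printf("Tx only, keyed on updated: aged out = %d\n", aged_out(TRAFFIC_TX, 0, 20, 10, true));
	printf("Rx,      keyed on updated: aged out = %d\n", aged_out(TRAFFIC_RX, 0, 20, 10, true));
	printf("Tx only, updated, wrap:    aged out = %d\n", aged_out(TRAFFIC_TX, ULONG_MAX - 500, 20, 10, true));
	return 0;
}
```

The last call starts 500 ticks before the counter wraps, which is why the comparison is done on the signed difference and not with a plain `<=`.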

Comments

Nikolay Aleksandrov Feb. 4, 2025, 4:38 p.m. UTC | #1
On 2/4/25 16:55, Ido Schimmel wrote:
> Currently, the VXLAN driver ages out FDB entries based on their 'used'
> time which is refreshed by both the Tx and Rx paths. This means that an
> FDB entry will not age out if traffic is only forwarded to the target
> host:
> 
>  # ip link add name vx1 up type vxlan id 10010 local 192.0.2.1 dstport 4789 learning ageing 10
>  # bridge fdb add 00:11:22:33:44:55 dev vx1 self dynamic dst 198.51.100.1
>  # bridge fdb get 00:11:22:33:44:55 br vx1 self
>  00:11:22:33:44:55 dev vx1 dst 198.51.100.1 self
>  # mausezahn vx1 -a own -b 00:11:22:33:44:55 -c 0 -p 100 -q &
>  # sleep 20
>  # bridge fdb get 00:11:22:33:44:55 br vx1 self
>  00:11:22:33:44:55 dev vx1 dst 198.51.100.1 self
> 
> This is wrong as an FDB entry will remain present when we no longer have
> an indication that the host is still behind the current remote. It is
> also inconsistent with the bridge driver:
> 
>  # ip link add name br1 up type bridge ageing_time $((10 * 100))
>  # ip link add name swp1 up master br1 type dummy
>  # bridge fdb add 00:11:22:33:44:55 dev swp1 master dynamic
>  # bridge fdb get 00:11:22:33:44:55 br br1
>  00:11:22:33:44:55 dev swp1 master br1
>  # mausezahn br1 -a own -b 00:11:22:33:44:55 -c 0 -p 100 -q &
>  # sleep 20
>  # bridge fdb get 00:11:22:33:44:55 br br1
>  Error: Fdb entry not found.
> 
> Solve this by aging out entries based on their 'updated' time, which is
> not refreshed by the Tx path:
> 
>  # ip link add name vx1 up type vxlan id 10010 local 192.0.2.1 dstport 4789 learning ageing 10
>  # bridge fdb add 00:11:22:33:44:55 dev vx1 self dynamic dst 198.51.100.1
>  # bridge fdb get 00:11:22:33:44:55 br vx1 self
>  00:11:22:33:44:55 dev vx1 dst 198.51.100.1 self
>  # mausezahn vx1 -a own -b 00:11:22:33:44:55 -c 0 -p 100 -q &
>  # sleep 20
>  # bridge fdb get 00:11:22:33:44:55 br vx1 self
>  Error: Fdb entry not found.
> 
> But is refreshed by the Rx path:
> 
>  # ip address add 192.0.2.1/32 dev lo
>  # ip link add name vx1 up type vxlan id 10010 local 192.0.2.1 dstport 4789 localbypass
>  # ip link add name vx2 up type vxlan id 20010 local 192.0.2.1 dstport 4789 learning ageing 10
>  # bridge fdb add 00:11:22:33:44:55 dev vx1 self static dst 127.0.0.1 vni 20010
>  # mausezahn vx1 -a 00:aa:bb:cc:dd:ee -b 00:11:22:33:44:55 -c 0 -p 100 -q &
>  # sleep 20
>  # bridge fdb get 00:aa:bb:cc:dd:ee br vx2 self
>  00:aa:bb:cc:dd:ee dev vx2 dst 127.0.0.1 self
>  # pkill mausezahn
>  # sleep 20
>  # bridge fdb get 00:aa:bb:cc:dd:ee br vx2 self
>  Error: Fdb entry not found.
> 
> Reviewed-by: Petr Machata <petrm@nvidia.com>
> Signed-off-by: Ido Schimmel <idosch@nvidia.com>
> ---
>  drivers/net/vxlan/vxlan_core.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Reviewed-by: Nikolay Aleksandrov <razor@blackwall.org>
Patch

diff --git a/drivers/net/vxlan/vxlan_core.c b/drivers/net/vxlan/vxlan_core.c
index c75fcb0679ac..01797becae09 100644
--- a/drivers/net/vxlan/vxlan_core.c
+++ b/drivers/net/vxlan/vxlan_core.c
@@ -2860,7 +2860,7 @@  static void vxlan_cleanup(struct timer_list *t)
 			if (f->flags & NTF_EXT_LEARNED)
 				continue;
 
-			timeout = READ_ONCE(f->used) + vxlan->cfg.age_interval * HZ;
+			timeout = READ_ONCE(f->updated) + vxlan->cfg.age_interval * HZ;
 			if (time_before_eq(timeout, jiffies)) {
 				netdev_dbg(vxlan->dev,
 					   "garbage collect %pM\n",