-
Notifications
You must be signed in to change notification settings - Fork 324
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
gluon-mesh-batman-adv-brmldproxy: avoid MLD report broadcasts
So far batman-adv flooded all MLD reports. However in our use-case, with the limitations we already have (*) it is safe to send MLD reports to detected multicast routers only. This reduces MLD report overhead even further than brmldproxy alone already does. And in particular results in no MLD reports in the mesh if no multicast router is present. This should, after some more testing from others, potentially make the gluon-mesh-batman-adv-brmldproxy package suitable for being included by default. As overhead downsides should then be negligible. Note: This change to the MLD report forwarding behaviour is only applied if the gluon-mesh-batman-adv-brmldproxy is installed (and brmldproxy then not manually disabled). Otherwise these changes to batman-adv and batctl are unused. (*): non-Gluon nodes still need to manually set multicast_router=2 on the bat0 bridge port. Signed-off-by: Linus Lüssing <[email protected]>
- Loading branch information
Showing
3 changed files
with
517 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
288 changes: 288 additions & 0 deletions
288
...uting/0004-batman-adv-mcast-add-option-to-forward-MLD-reports-only-to-mcast-routers.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,288 @@ | ||
From: Linus Lüssing <[email protected]> | ||
Date: Tue, 26 Sep 2023 17:55:43 +0200 | ||
Subject: batman-adv: mcast: add option to forward MLD reports only to mcast routers | ||
|
||
In most setups it is sufficient for us to only send MLD reports to nodes | ||
which have a multicast router attached. Which reduces overall overhead, | ||
especially in large batman-adv mesh networks, where broadcasts are | ||
particularly undesirable. | ||
|
||
However there is one specific, known issue / broken scenario with this | ||
setting: | ||
|
||
If the IGMP/MLD querier is configured directly on the bridge on top of | ||
bat0. But there is no multicast router on or behind this node. Then this | ||
bridge will be unable to detect multicast listeners on/behind other | ||
nodes which have the MLD-RTR-ONLY setting enabled. (A workaround for this | ||
can then in turn be to set multicast_router=2 on the bat0 bridge port | ||
on the node with the IGMP/MLD querier.) | ||
|
||
Therefore MLD report flooding is kept the default and MLD report to | ||
multicast routers only forwarding is considered experimental and | ||
warned about. | ||
|
||
Signed-off-by: Linus Lüssing <[email protected]> | ||
|
||
diff --git a/batman-adv/patches/0035-batman-adv-mcast-add-option-to-forward-MLD-reports-o.patch b/batman-adv/patches/0035-batman-adv-mcast-add-option-to-forward-MLD-reports-o.patch | ||
new file mode 100644 | ||
index 0000000000000000000000000000000000000000..47392c98d7950454e8096019fab04dee27ac1531 | ||
--- /dev/null | ||
+++ b/batman-adv/patches/0035-batman-adv-mcast-add-option-to-forward-MLD-reports-o.patch | ||
@@ -0,0 +1,257 @@ | ||
+From 67e5b92b81178cd87d8470f86e4f289c900d96a5 Mon Sep 17 00:00:00 2001 | ||
+From: =?UTF-8?q?Linus=20L=C3=BCssing?= <[email protected]> | ||
+Date: Tue, 26 Sep 2023 06:35:08 +0200 | ||
+Subject: [PATCH] batman-adv: mcast: add option to forward MLD reports only to | ||
+ mcast routers | ||
+MIME-Version: 1.0 | ||
+Content-Type: text/plain; charset=UTF-8 | ||
+Content-Transfer-Encoding: 8bit | ||
+ | ||
+In most setups it is sufficient for us to only send MLD reports to nodes | ||
+which have a multicast router attached. Which reduces overall overhead, | ||
+especially in large batman-adv mesh networks, where broadcasts are | ||
+particularly undesirable. | ||
+ | ||
+However there is one specific, known issue / broken scenario with this | ||
+setting: | ||
+ | ||
+If the IGMP/MLD querier is configured directly on the bridge on top of | ||
+bat0. But there is no multicast router on or behind this node. Then this | ||
+bridge will be unable to detect multicast listeners on/behind other | ||
+nodes which have the MLD-RTR-ONLY setting enabled. (A workaround for this | ||
+can then in turn be to set multicast_router=2 on the bat0 bridge port | ||
+on the node with the IGMP/MLD querier.) | ||
+ | ||
+Therefore MLD report flooding is kept the default and MLD report to | ||
+multicast routers only forwarding is considered experimental and | ||
+warned about. | ||
+ | ||
+Signed-off-by: Linus Lüssing <[email protected]> | ||
+--- | ||
+ include/uapi/linux/batman_adv.h | 9 ++++++ | ||
+ net/batman-adv/multicast.c | 52 +++++++++++++++++++++++++-------- | ||
+ net/batman-adv/netlink.c | 17 +++++++++++ | ||
+ net/batman-adv/soft-interface.c | 1 + | ||
+ net/batman-adv/types.h | 7 +++++ | ||
+ 5 files changed, 74 insertions(+), 12 deletions(-) | ||
+ | ||
+diff --git a/include/uapi/linux/batman_adv.h b/include/uapi/linux/batman_adv.h | ||
+index e5b62f6c35a2..885cc2482dc8 100644 | ||
+--- a/include/uapi/linux/batman_adv.h | ||
++++ b/include/uapi/linux/batman_adv.h | ||
+@@ -493,6 +493,15 @@ enum batadv_nl_attrs { | ||
+ */ | ||
+ BATADV_ATTR_NOFLOOD_MASK, | ||
+ | ||
++ /** | ||
++ * @BATADV_ATTR_MULTICAST_MLD_RTR_ONLY_ENABLED: defines how IGMP/MLD | ||
++ * reports are forwarded in the mesh. If set to non-zero then IGMP/MLD | ||
++ * reports are only forwarded to detected multicast routers. If set to | ||
++ * zero then they are flooded instead. | ||
++ * Warning: The former is experimental and potentially unsafe! | ||
++ */ | ||
++ BATADV_ATTR_MULTICAST_MLD_RTR_ONLY_ENABLED, | ||
++ | ||
+ /* add attributes above here, update the policy in netlink.c */ | ||
+ | ||
+ /** | ||
+diff --git a/net/batman-adv/multicast.c b/net/batman-adv/multicast.c | ||
+index 7e8515bbf2e9..2c9467afdd99 100644 | ||
+--- a/net/batman-adv/multicast.c | ||
++++ b/net/batman-adv/multicast.c | ||
+@@ -973,8 +973,14 @@ static int batadv_mcast_forw_mode_check_ipv4(struct batadv_priv *bat_priv, | ||
+ if (!pskb_may_pull(skb, sizeof(struct ethhdr) + sizeof(*iphdr))) | ||
+ return -ENOMEM; | ||
+ | ||
+- if (batadv_mcast_is_report_ipv4(skb)) | ||
++ if (batadv_mcast_is_report_ipv4(skb)) { | ||
++ if (atomic_read(&bat_priv->multicast_mld_rtr_only)) { | ||
++ *is_routable = IGMP_HOST_MEMBERSHIP_REPORT; | ||
++ return 0; | ||
++ } | ||
++ | ||
+ return -EINVAL; | ||
++ } | ||
+ | ||
+ iphdr = ip_hdr(skb); | ||
+ | ||
+@@ -1037,8 +1043,14 @@ static int batadv_mcast_forw_mode_check_ipv6(struct batadv_priv *bat_priv, | ||
+ if (!pskb_may_pull(skb, sizeof(struct ethhdr) + sizeof(*ip6hdr))) | ||
+ return -ENOMEM; | ||
+ | ||
+- if (batadv_mcast_is_report_ipv6(skb)) | ||
++ if (batadv_mcast_is_report_ipv6(skb)) { | ||
++ if (atomic_read(&bat_priv->multicast_mld_rtr_only)) { | ||
++ *is_routable = ICMPV6_MGM_REPORT; | ||
++ return 0; | ||
++ } | ||
++ | ||
+ return -EINVAL; | ||
++ } | ||
+ | ||
+ ip6hdr = ipv6_hdr(skb); | ||
+ | ||
+@@ -1125,17 +1137,19 @@ static int batadv_mcast_forw_want_all_ip_count(struct batadv_priv *bat_priv, | ||
+ * @protocol: the ethernet protocol type to count multicast routers for | ||
+ * | ||
+ * Return: the number of nodes which want all routable IPv4 multicast traffic | ||
+- * if the protocol is ETH_P_IP or the number of nodes which want all routable | ||
+- * IPv6 traffic if the protocol is ETH_P_IPV6. Otherwise returns 0. | ||
++ * if the protocol is ETH_P_IP or IGMP_HOST_MEMBERSHIP_REPORT. Or the number of | ||
++ * nodes which want all routable IPv6 traffic if the protocol is ETH_P_IPV6 or | ||
++ * ICMPV6_MGM_REPORT. Otherwise returns 0. | ||
+ */ | ||
+- | ||
+ static int batadv_mcast_forw_rtr_count(struct batadv_priv *bat_priv, | ||
+ int protocol) | ||
+ { | ||
+ switch (protocol) { | ||
+ case ETH_P_IP: | ||
++ case IGMP_HOST_MEMBERSHIP_REPORT: | ||
+ return atomic_read(&bat_priv->mcast.num_want_all_rtr4); | ||
+ case ETH_P_IPV6: | ||
++ case ICMPV6_MGM_REPORT: | ||
+ return atomic_read(&bat_priv->mcast.num_want_all_rtr6); | ||
+ default: | ||
+ return 0; | ||
+@@ -1154,10 +1168,11 @@ enum batadv_forw_mode | ||
+ batadv_mcast_forw_mode(struct batadv_priv *bat_priv, struct sk_buff *skb, | ||
+ int *is_routable) | ||
+ { | ||
+- int ret, tt_count, ip_count, unsnoop_count, total_count; | ||
++ atomic_t *unsnoop_cnt_atom = &bat_priv->mcast.num_want_all_unsnoopables; | ||
++ int ret, ip_count, rtr_count, total_count; | ||
++ int tt_count = 0, unsnoop_count = 0; | ||
+ bool is_unsnoopable = false; | ||
+ struct ethhdr *ethhdr; | ||
+- int rtr_count = 0; | ||
+ | ||
+ ret = batadv_mcast_forw_mode_check(bat_priv, skb, &is_unsnoopable, | ||
+ is_routable); | ||
+@@ -1168,11 +1183,17 @@ batadv_mcast_forw_mode(struct batadv_priv *bat_priv, struct sk_buff *skb, | ||
+ | ||
+ ethhdr = eth_hdr(skb); | ||
+ | ||
+- tt_count = batadv_tt_global_hash_count(bat_priv, ethhdr->h_dest, | ||
+- BATADV_NO_FLAGS); | ||
+- ip_count = batadv_mcast_forw_want_all_ip_count(bat_priv, ethhdr); | ||
+- unsnoop_count = !is_unsnoopable ? 0 : | ||
+- atomic_read(&bat_priv->mcast.num_want_all_unsnoopables); | ||
++ if (*is_routable != IGMP_HOST_MEMBERSHIP_REPORT && | ||
++ *is_routable != ICMPV6_MGM_REPORT) { | ||
++ tt_count = batadv_tt_global_hash_count(bat_priv, ethhdr->h_dest, | ||
++ BATADV_NO_FLAGS); | ||
++ | ||
++ if (is_unsnoopable) | ||
++ unsnoop_count = atomic_read(unsnoop_cnt_atom); | ||
++ } | ||
++ | ||
++ ip_count = batadv_mcast_forw_want_all_ip_count(bat_priv, | ||
++ ethhdr); | ||
+ rtr_count = batadv_mcast_forw_rtr_count(bat_priv, *is_routable); | ||
+ | ||
+ total_count = tt_count + ip_count + unsnoop_count + rtr_count; | ||
+@@ -1462,8 +1483,10 @@ batadv_mcast_forw_want_rtr(struct batadv_priv *bat_priv, | ||
+ { | ||
+ switch (ntohs(eth_hdr(skb)->h_proto)) { | ||
+ case ETH_P_IP: | ||
++ case IGMP_HOST_MEMBERSHIP_REPORT: | ||
+ return batadv_mcast_forw_want_all_rtr4(bat_priv, skb, vid); | ||
+ case ETH_P_IPV6: | ||
++ case ICMPV6_MGM_REPORT: | ||
+ return batadv_mcast_forw_want_all_rtr6(bat_priv, skb, vid); | ||
+ default: | ||
+ /* we shouldn't be here... */ | ||
+@@ -1493,12 +1516,17 @@ int batadv_mcast_forw_send(struct batadv_priv *bat_priv, struct sk_buff *skb, | ||
+ { | ||
+ int ret; | ||
+ | ||
++ if (is_routable == IGMP_HOST_MEMBERSHIP_REPORT || | ||
++ is_routable == ICMPV6_MGM_REPORT) | ||
++ goto skip_mc_listeners; | ||
++ | ||
+ ret = batadv_mcast_forw_tt(bat_priv, skb, vid); | ||
+ if (ret != NET_XMIT_SUCCESS) { | ||
+ kfree_skb(skb); | ||
+ return ret; | ||
+ } | ||
+ | ||
++skip_mc_listeners: | ||
+ ret = batadv_mcast_forw_want_all(bat_priv, skb, vid); | ||
+ if (ret != NET_XMIT_SUCCESS) { | ||
+ kfree_skb(skb); | ||
+diff --git a/net/batman-adv/netlink.c b/net/batman-adv/netlink.c | ||
+index 7a7e41371a2f..b3a8752b5705 100644 | ||
+--- a/net/batman-adv/netlink.c | ||
++++ b/net/batman-adv/netlink.c | ||
+@@ -149,6 +149,7 @@ static const struct nla_policy batadv_netlink_policy[NUM_BATADV_ATTR] = { | ||
+ [BATADV_ATTR_LOG_LEVEL] = { .type = NLA_U32 }, | ||
+ [BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED] = { .type = NLA_U8 }, | ||
+ [BATADV_ATTR_MULTICAST_FANOUT] = { .type = NLA_U32 }, | ||
++ [BATADV_ATTR_MULTICAST_MLD_RTR_ONLY_ENABLED] = { .type = NLA_U8 }, | ||
+ [BATADV_ATTR_NETWORK_CODING_ENABLED] = { .type = NLA_U8 }, | ||
+ [BATADV_ATTR_ORIG_INTERVAL] = { .type = NLA_U32 }, | ||
+ [BATADV_ATTR_ELP_INTERVAL] = { .type = NLA_U32 }, | ||
+@@ -357,6 +358,10 @@ static int batadv_netlink_mesh_fill(struct sk_buff *msg, | ||
+ if (nla_put_u32(msg, BATADV_ATTR_MULTICAST_FANOUT, | ||
+ atomic_read(&bat_priv->multicast_fanout))) | ||
+ goto nla_put_failure; | ||
++ | ||
++ if (nla_put_u8(msg, BATADV_ATTR_MULTICAST_MLD_RTR_ONLY_ENABLED, | ||
++ atomic_read(&bat_priv->multicast_mld_rtr_only))) | ||
++ goto nla_put_failure; | ||
+ #endif /* CONFIG_BATMAN_ADV_MCAST */ | ||
+ | ||
+ #ifdef CONFIG_BATMAN_ADV_NC | ||
+@@ -615,6 +620,18 @@ static int batadv_netlink_set_mesh(struct sk_buff *skb, struct genl_info *info) | ||
+ | ||
+ atomic_set(&bat_priv->multicast_fanout, nla_get_u32(attr)); | ||
+ } | ||
++ | ||
++ if (info->attrs[BATADV_ATTR_MULTICAST_MLD_RTR_ONLY_ENABLED]) { | ||
++ u8 mld_rtr_only; | ||
++ | ||
++ attr = info->attrs[BATADV_ATTR_MULTICAST_MLD_RTR_ONLY_ENABLED]; | ||
++ mld_rtr_only = !!nla_get_u8(attr); | ||
++ if (mld_rtr_only) | ||
++ batadv_info(bat_priv->soft_iface, | ||
++ "Warning: MLD-RTR-ONLY is experimental and has known, broken scenarios\n"); | ||
++ | ||
++ atomic_set(&bat_priv->multicast_mld_rtr_only, mld_rtr_only); | ||
++ } | ||
+ #endif /* CONFIG_BATMAN_ADV_MCAST */ | ||
+ | ||
+ #ifdef CONFIG_BATMAN_ADV_NC | ||
+diff --git a/net/batman-adv/soft-interface.c b/net/batman-adv/soft-interface.c | ||
+index 340e5a75c689..8949e8bbb81c 100644 | ||
+--- a/net/batman-adv/soft-interface.c | ||
++++ b/net/batman-adv/soft-interface.c | ||
+@@ -779,6 +779,7 @@ static int batadv_softif_init_late(struct net_device *dev) | ||
+ #ifdef CONFIG_BATMAN_ADV_MCAST | ||
+ atomic_set(&bat_priv->multicast_mode, 1); | ||
+ atomic_set(&bat_priv->multicast_fanout, 16); | ||
++ atomic_set(&bat_priv->multicast_mld_rtr_only, 0); | ||
+ atomic_set(&bat_priv->mcast.num_want_all_unsnoopables, 0); | ||
+ atomic_set(&bat_priv->mcast.num_want_all_ipv4, 0); | ||
+ atomic_set(&bat_priv->mcast.num_want_all_ipv6, 0); | ||
+diff --git a/net/batman-adv/types.h b/net/batman-adv/types.h | ||
+index d92605579811..1f4709f54a29 100644 | ||
+--- a/net/batman-adv/types.h | ||
++++ b/net/batman-adv/types.h | ||
+@@ -1613,6 +1613,13 @@ struct batadv_priv { | ||
+ * multicast-to-unicast conversion | ||
+ */ | ||
+ atomic_t multicast_fanout; | ||
++ | ||
++ /** | ||
++ * @multicast_mld_rtr_only: bool indicating whether to send IGMP/MLD | ||
++ * reports only to multicast routers or to flood them otherwise. | ||
++ * Warning: The former is experimental and potentially unsafe! | ||
++ */ | ||
++ atomic_t multicast_mld_rtr_only; | ||
+ #endif | ||
+ | ||
+ /** @orig_interval: OGM broadcast interval in milliseconds */ | ||
+-- | ||
+2.40.1 | ||
+ |
Oops, something went wrong.