• Ido Schimmel's avatar
    bridge: Add backup nexthop ID support · 29cfb2aa
    Ido Schimmel authored
    Add a new bridge port attribute that allows attaching a nexthop object
    ID to an skb that is redirected to a backup bridge port with VLAN
    tunneling enabled.
    
    Specifically, when redirecting a known unicast packet, read the backup
    nexthop ID from the bridge port that lost its carrier and set it in the
    bridge control block of the skb before forwarding it via the backup
    port. Note that reading the ID from the bridge port should not result in
    a cache miss as the ID is added next to the 'backup_port' field that was
    already accessed. After this change, the 'state' field still stays on
    the first cache line, together with other data path related fields such
    as 'flags and 'vlgrp':
    
    struct net_bridge_port {
            struct net_bridge *        br;                   /*     0     8 */
            struct net_device *        dev;                  /*     8     8 */
            netdevice_tracker          dev_tracker;          /*    16     0 */
            struct list_head           list;                 /*    16    16 */
            long unsigned int          flags;                /*    32     8 */
            struct net_bridge_vlan_group * vlgrp;            /*    40     8 */
            struct net_bridge_port *   backup_port;          /*    48     8 */
            u32                        backup_nhid;          /*    56     4 */
            u8                         priority;             /*    60     1 */
            u8                         state;                /*    61     1 */
            u16                        port_no;              /*    62     2 */
            /* --- cacheline 1 boundary (64 bytes) --- */
    [...]
    } __attribute__((__aligned__(8)));
    
    When forwarding an skb via a bridge port that has VLAN tunneling
    enabled, check if the backup nexthop ID stored in the bridge control
    block is valid (i.e., not zero). If so, instead of attaching the
    pre-allocated metadata (that only has the tunnel key set), allocate a
    new metadata, set both the tunnel key and the nexthop object ID and
    attach it to the skb.
    
    By default, do not dump the new attribute to user space as a value of
    zero is an invalid nexthop object ID.
    
    The above is useful for EVPN multihoming. When one of the links
    composing an Ethernet Segment (ES) fails, traffic needs to be redirected
    towards the host via one of the other ES peers. For example, if a host
    is multihomed to three different VTEPs, the backup port of each ES link
    needs to be set to the VXLAN device and the backup nexthop ID needs to
    point to an FDB nexthop group that includes the IP addresses of the
    other two VTEPs. The VXLAN driver will extract the ID from the metadata
    of the redirected skb, calculate its flow hash and forward it towards
    one of the other VTEPs. If the ID does not exist, or represents an
    invalid nexthop object, the VXLAN driver will drop the skb. This
    relieves the bridge driver from the need to validate the ID.
    Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
    Acked-by: default avatarNikolay Aleksandrov <razor@blackwall.org>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    29cfb2aa
br_netlink.c 55.8 KB