bridge: multicast to unicast
authorFelix Fietkau <nbd@nbd.name>
Sat, 21 Jan 2017 20:01:32 +0000 (21:01 +0100)
committerDavid S. Miller <davem@davemloft.net>
Tue, 24 Jan 2017 17:39:52 +0000 (12:39 -0500)
Implements an optional, per bridge port flag and feature to deliver
multicast packets to any host on the according port via unicast
individually. This is done by copying the packet per host and
changing the multicast destination MAC to a unicast one accordingly.

multicast-to-unicast works on top of the multicast snooping feature of
the bridge. Which means unicast copies are only delivered to hosts which
are interested in it and signalized this via IGMP/MLD reports
previously.

This feature is intended for interface types which have a more reliable
and/or efficient way to deliver unicast packets than broadcast ones
(e.g. wifi).

However, it should only be enabled on interfaces where no IGMPv2/MLDv1
report suppression takes place. This feature is disabled by default.

The initial patch and idea is from Felix Fietkau.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
[linus.luessing@c0d3.blue: various bug + style fixes, commit message]
Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/linux/if_bridge.h
include/uapi/linux/if_link.h
net/bridge/br_forward.c
net/bridge/br_mdb.c
net/bridge/br_multicast.c
net/bridge/br_netlink.c
net/bridge/br_private.h
net/bridge/br_sysfs_if.c

index c6587c01d9514b0074e3a63e40ce951f93178d4b..debc9d5904e5cf624a607592177d20395c737f74 100644 (file)
@@ -46,6 +46,7 @@ struct br_ip_list {
 #define BR_LEARNING_SYNC       BIT(9)
 #define BR_PROXYARP_WIFI       BIT(10)
 #define BR_MCAST_FLOOD         BIT(11)
+#define BR_MULTICAST_TO_UNICAST        BIT(12)
 
 #define BR_DEFAULT_AGEING_TIME (300 * HZ)
 
index 184b16ed2b846fded915a7e30a73c7a5b852451a..b9aa5641ebe50d9ceed691625298a7ffe6da3719 100644 (file)
@@ -321,6 +321,7 @@ enum {
        IFLA_BRPORT_MULTICAST_ROUTER,
        IFLA_BRPORT_PAD,
        IFLA_BRPORT_MCAST_FLOOD,
+       IFLA_BRPORT_MCAST_TO_UCAST,
        __IFLA_BRPORT_MAX
 };
 #define IFLA_BRPORT_MAX (__IFLA_BRPORT_MAX - 1)
index 7cb41aee4c82e63b4f278e64564c3ab7e8db3e10..a0f9d0037d24143cfd603139e091a63850db205c 100644 (file)
@@ -174,6 +174,31 @@ out:
        return p;
 }
 
+static void maybe_deliver_addr(struct net_bridge_port *p, struct sk_buff *skb,
+                              const unsigned char *addr, bool local_orig)
+{
+       struct net_device *dev = BR_INPUT_SKB_CB(skb)->brdev;
+       const unsigned char *src = eth_hdr(skb)->h_source;
+
+       if (!should_deliver(p, skb))
+               return;
+
+       /* Even with hairpin, no soliloquies - prevent breaking IPv6 DAD */
+       if (skb->dev == p->dev && ether_addr_equal(src, addr))
+               return;
+
+       skb = skb_copy(skb, GFP_ATOMIC);
+       if (!skb) {
+               dev->stats.tx_dropped++;
+               return;
+       }
+
+       if (!is_broadcast_ether_addr(addr))
+               memcpy(eth_hdr(skb)->h_dest, addr, ETH_ALEN);
+
+       __br_forward(p, skb, local_orig);
+}
+
 /* called under rcu_read_lock */
 void br_flood(struct net_bridge *br, struct sk_buff *skb,
              enum br_pkt_type pkt_type, bool local_rcv, bool local_orig)
@@ -241,10 +266,20 @@ void br_multicast_flood(struct net_bridge_mdb_entry *mdst,
                rport = rp ? hlist_entry(rp, struct net_bridge_port, rlist) :
                             NULL;
 
-               port = (unsigned long)lport > (unsigned long)rport ?
-                      lport : rport;
+               if ((unsigned long)lport > (unsigned long)rport) {
+                       port = lport;
+
+                       if (port->flags & BR_MULTICAST_TO_UNICAST) {
+                               maybe_deliver_addr(lport, skb, p->eth_addr,
+                                                  local_orig);
+                               goto delivered;
+                       }
+               } else {
+                       port = rport;
+               }
 
                prev = maybe_deliver(prev, port, skb, local_orig);
+delivered:
                if (IS_ERR(prev))
                        goto out;
                if (prev == port)
index 7dbc80d01eb00ab69fc06a0d613167651a9b15f2..056e6ac49d8fc7727fce8fc8320b8db4ac5351d2 100644 (file)
@@ -531,7 +531,7 @@ static int br_mdb_add_group(struct net_bridge *br, struct net_bridge_port *port,
                        break;
        }
 
-       p = br_multicast_new_port_group(port, group, *pp, state);
+       p = br_multicast_new_port_group(port, group, *pp, state, NULL);
        if (unlikely(!p))
                return -ENOMEM;
        rcu_assign_pointer(*pp, p);
index f66346122dc42a8adb1fe23e70fa537e8b8bc7aa..1de3438e36bf8f4e7c4242abdefdead4a8a2621c 100644 (file)
@@ -43,12 +43,14 @@ static void br_multicast_add_router(struct net_bridge *br,
 static void br_ip4_multicast_leave_group(struct net_bridge *br,
                                         struct net_bridge_port *port,
                                         __be32 group,
-                                        __u16 vid);
+                                        __u16 vid,
+                                        const unsigned char *src);
+
 #if IS_ENABLED(CONFIG_IPV6)
 static void br_ip6_multicast_leave_group(struct net_bridge *br,
                                         struct net_bridge_port *port,
                                         const struct in6_addr *group,
-                                        __u16 vid);
+                                        __u16 vid, const unsigned char *src);
 #endif
 unsigned int br_mdb_rehash_seq;
 
@@ -711,7 +713,8 @@ struct net_bridge_port_group *br_multicast_new_port_group(
                        struct net_bridge_port *port,
                        struct br_ip *group,
                        struct net_bridge_port_group __rcu *next,
-                       unsigned char flags)
+                       unsigned char flags,
+                       const unsigned char *src)
 {
        struct net_bridge_port_group *p;
 
@@ -726,12 +729,32 @@ struct net_bridge_port_group *br_multicast_new_port_group(
        hlist_add_head(&p->mglist, &port->mglist);
        setup_timer(&p->timer, br_multicast_port_group_expired,
                    (unsigned long)p);
+
+       if (src)
+               memcpy(p->eth_addr, src, ETH_ALEN);
+       else
+               memset(p->eth_addr, 0xff, ETH_ALEN);
+
        return p;
 }
 
+static bool br_port_group_equal(struct net_bridge_port_group *p,
+                               struct net_bridge_port *port,
+                               const unsigned char *src)
+{
+       if (p->port != port)
+               return false;
+
+       if (!(port->flags & BR_MULTICAST_TO_UNICAST))
+               return true;
+
+       return ether_addr_equal(src, p->eth_addr);
+}
+
 static int br_multicast_add_group(struct net_bridge *br,
                                  struct net_bridge_port *port,
-                                 struct br_ip *group)
+                                 struct br_ip *group,
+                                 const unsigned char *src)
 {
        struct net_bridge_port_group __rcu **pp;
        struct net_bridge_port_group *p;
@@ -758,13 +781,13 @@ static int br_multicast_add_group(struct net_bridge *br,
        for (pp = &mp->ports;
             (p = mlock_dereference(*pp, br)) != NULL;
             pp = &p->next) {
-               if (p->port == port)
+               if (br_port_group_equal(p, port, src))
                        goto found;
                if ((unsigned long)p->port < (unsigned long)port)
                        break;
        }
 
-       p = br_multicast_new_port_group(port, group, *pp, 0);
+       p = br_multicast_new_port_group(port, group, *pp, 0, src);
        if (unlikely(!p))
                goto err;
        rcu_assign_pointer(*pp, p);
@@ -783,7 +806,8 @@ err:
 static int br_ip4_multicast_add_group(struct net_bridge *br,
                                      struct net_bridge_port *port,
                                      __be32 group,
-                                     __u16 vid)
+                                     __u16 vid,
+                                     const unsigned char *src)
 {
        struct br_ip br_group;
 
@@ -794,14 +818,15 @@ static int br_ip4_multicast_add_group(struct net_bridge *br,
        br_group.proto = htons(ETH_P_IP);
        br_group.vid = vid;
 
-       return br_multicast_add_group(br, port, &br_group);
+       return br_multicast_add_group(br, port, &br_group, src);
 }
 
 #if IS_ENABLED(CONFIG_IPV6)
 static int br_ip6_multicast_add_group(struct net_bridge *br,
                                      struct net_bridge_port *port,
                                      const struct in6_addr *group,
-                                     __u16 vid)
+                                     __u16 vid,
+                                     const unsigned char *src)
 {
        struct br_ip br_group;
 
@@ -812,7 +837,7 @@ static int br_ip6_multicast_add_group(struct net_bridge *br,
        br_group.proto = htons(ETH_P_IPV6);
        br_group.vid = vid;
 
-       return br_multicast_add_group(br, port, &br_group);
+       return br_multicast_add_group(br, port, &br_group, src);
 }
 #endif
 
@@ -1081,6 +1106,7 @@ static int br_ip4_multicast_igmp3_report(struct net_bridge *br,
                                         struct sk_buff *skb,
                                         u16 vid)
 {
+       const unsigned char *src;
        struct igmpv3_report *ih;
        struct igmpv3_grec *grec;
        int i;
@@ -1121,12 +1147,14 @@ static int br_ip4_multicast_igmp3_report(struct net_bridge *br,
                        continue;
                }
 
+               src = eth_hdr(skb)->h_source;
                if ((type == IGMPV3_CHANGE_TO_INCLUDE ||
                     type == IGMPV3_MODE_IS_INCLUDE) &&
                    ntohs(grec->grec_nsrcs) == 0) {
-                       br_ip4_multicast_leave_group(br, port, group, vid);
+                       br_ip4_multicast_leave_group(br, port, group, vid, src);
                } else {
-                       err = br_ip4_multicast_add_group(br, port, group, vid);
+                       err = br_ip4_multicast_add_group(br, port, group, vid,
+                                                        src);
                        if (err)
                                break;
                }
@@ -1141,6 +1169,7 @@ static int br_ip6_multicast_mld2_report(struct net_bridge *br,
                                        struct sk_buff *skb,
                                        u16 vid)
 {
+       const unsigned char *src;
        struct icmp6hdr *icmp6h;
        struct mld2_grec *grec;
        int i;
@@ -1188,14 +1217,16 @@ static int br_ip6_multicast_mld2_report(struct net_bridge *br,
                        continue;
                }
 
+               src = eth_hdr(skb)->h_source;
                if ((grec->grec_type == MLD2_CHANGE_TO_INCLUDE ||
                     grec->grec_type == MLD2_MODE_IS_INCLUDE) &&
                    ntohs(*nsrcs) == 0) {
                        br_ip6_multicast_leave_group(br, port, &grec->grec_mca,
-                                                    vid);
+                                                    vid, src);
                } else {
                        err = br_ip6_multicast_add_group(br, port,
-                                                        &grec->grec_mca, vid);
+                                                        &grec->grec_mca, vid,
+                                                        src);
                        if (err)
                                break;
                }
@@ -1511,7 +1542,8 @@ br_multicast_leave_group(struct net_bridge *br,
                         struct net_bridge_port *port,
                         struct br_ip *group,
                         struct bridge_mcast_other_query *other_query,
-                        struct bridge_mcast_own_query *own_query)
+                        struct bridge_mcast_own_query *own_query,
+                        const unsigned char *src)
 {
        struct net_bridge_mdb_htable *mdb;
        struct net_bridge_mdb_entry *mp;
@@ -1535,7 +1567,7 @@ br_multicast_leave_group(struct net_bridge *br,
                for (pp = &mp->ports;
                     (p = mlock_dereference(*pp, br)) != NULL;
                     pp = &p->next) {
-                       if (p->port != port)
+                       if (!br_port_group_equal(p, port, src))
                                continue;
 
                        rcu_assign_pointer(*pp, p->next);
@@ -1566,7 +1598,7 @@ br_multicast_leave_group(struct net_bridge *br,
                for (p = mlock_dereference(mp->ports, br);
                     p != NULL;
                     p = mlock_dereference(p->next, br)) {
-                       if (p->port != port)
+                       if (!br_port_group_equal(p, port, src))
                                continue;
 
                        if (!hlist_unhashed(&p->mglist) &&
@@ -1617,7 +1649,8 @@ out:
 static void br_ip4_multicast_leave_group(struct net_bridge *br,
                                         struct net_bridge_port *port,
                                         __be32 group,
-                                        __u16 vid)
+                                        __u16 vid,
+                                        const unsigned char *src)
 {
        struct br_ip br_group;
        struct bridge_mcast_own_query *own_query;
@@ -1632,14 +1665,15 @@ static void br_ip4_multicast_leave_group(struct net_bridge *br,
        br_group.vid = vid;
 
        br_multicast_leave_group(br, port, &br_group, &br->ip4_other_query,
-                                own_query);
+                                own_query, src);
 }
 
 #if IS_ENABLED(CONFIG_IPV6)
 static void br_ip6_multicast_leave_group(struct net_bridge *br,
                                         struct net_bridge_port *port,
                                         const struct in6_addr *group,
-                                        __u16 vid)
+                                        __u16 vid,
+                                        const unsigned char *src)
 {
        struct br_ip br_group;
        struct bridge_mcast_own_query *own_query;
@@ -1654,7 +1688,7 @@ static void br_ip6_multicast_leave_group(struct net_bridge *br,
        br_group.vid = vid;
 
        br_multicast_leave_group(br, port, &br_group, &br->ip6_other_query,
-                                own_query);
+                                own_query, src);
 }
 #endif
 
@@ -1712,6 +1746,7 @@ static int br_multicast_ipv4_rcv(struct net_bridge *br,
                                 u16 vid)
 {
        struct sk_buff *skb_trimmed = NULL;
+       const unsigned char *src;
        struct igmphdr *ih;
        int err;
 
@@ -1731,13 +1766,14 @@ static int br_multicast_ipv4_rcv(struct net_bridge *br,
        }
 
        ih = igmp_hdr(skb);
+       src = eth_hdr(skb)->h_source;
        BR_INPUT_SKB_CB(skb)->igmp = ih->type;
 
        switch (ih->type) {
        case IGMP_HOST_MEMBERSHIP_REPORT:
        case IGMPV2_HOST_MEMBERSHIP_REPORT:
                BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
-               err = br_ip4_multicast_add_group(br, port, ih->group, vid);
+               err = br_ip4_multicast_add_group(br, port, ih->group, vid, src);
                break;
        case IGMPV3_HOST_MEMBERSHIP_REPORT:
                err = br_ip4_multicast_igmp3_report(br, port, skb_trimmed, vid);
@@ -1746,7 +1782,7 @@ static int br_multicast_ipv4_rcv(struct net_bridge *br,
                err = br_ip4_multicast_query(br, port, skb_trimmed, vid);
                break;
        case IGMP_HOST_LEAVE_MESSAGE:
-               br_ip4_multicast_leave_group(br, port, ih->group, vid);
+               br_ip4_multicast_leave_group(br, port, ih->group, vid, src);
                break;
        }
 
@@ -1766,6 +1802,7 @@ static int br_multicast_ipv6_rcv(struct net_bridge *br,
                                 u16 vid)
 {
        struct sk_buff *skb_trimmed = NULL;
+       const unsigned char *src;
        struct mld_msg *mld;
        int err;
 
@@ -1785,8 +1822,10 @@ static int br_multicast_ipv6_rcv(struct net_bridge *br,
 
        switch (mld->mld_type) {
        case ICMPV6_MGM_REPORT:
+               src = eth_hdr(skb)->h_source;
                BR_INPUT_SKB_CB(skb)->mrouters_only = 1;
-               err = br_ip6_multicast_add_group(br, port, &mld->mld_mca, vid);
+               err = br_ip6_multicast_add_group(br, port, &mld->mld_mca, vid,
+                                                src);
                break;
        case ICMPV6_MLD2_REPORT:
                err = br_ip6_multicast_mld2_report(br, port, skb_trimmed, vid);
@@ -1795,7 +1834,8 @@ static int br_multicast_ipv6_rcv(struct net_bridge *br,
                err = br_ip6_multicast_query(br, port, skb_trimmed, vid);
                break;
        case ICMPV6_MGM_REDUCTION:
-               br_ip6_multicast_leave_group(br, port, &mld->mld_mca, vid);
+               src = eth_hdr(skb)->h_source;
+               br_ip6_multicast_leave_group(br, port, &mld->mld_mca, vid, src);
                break;
        }
 
index 71c7453268c1cf5a34949b0451f457ac18a4657b..6c087cd049b91af1d99ccf5a72d8cc5e58409c30 100644 (file)
@@ -123,6 +123,7 @@ static inline size_t br_port_info_size(void)
                + nla_total_size(1)     /* IFLA_BRPORT_GUARD */
                + nla_total_size(1)     /* IFLA_BRPORT_PROTECT */
                + nla_total_size(1)     /* IFLA_BRPORT_FAST_LEAVE */
+               + nla_total_size(1)     /* IFLA_BRPORT_MCAST_TO_UCAST */
                + nla_total_size(1)     /* IFLA_BRPORT_LEARNING */
                + nla_total_size(1)     /* IFLA_BRPORT_UNICAST_FLOOD */
                + nla_total_size(1)     /* IFLA_BRPORT_PROXYARP */
@@ -173,6 +174,8 @@ static int br_port_fill_attrs(struct sk_buff *skb,
                       !!(p->flags & BR_ROOT_BLOCK)) ||
            nla_put_u8(skb, IFLA_BRPORT_FAST_LEAVE,
                       !!(p->flags & BR_MULTICAST_FAST_LEAVE)) ||
+           nla_put_u8(skb, IFLA_BRPORT_MCAST_TO_UCAST,
+                      !!(p->flags & BR_MULTICAST_TO_UNICAST)) ||
            nla_put_u8(skb, IFLA_BRPORT_LEARNING, !!(p->flags & BR_LEARNING)) ||
            nla_put_u8(skb, IFLA_BRPORT_UNICAST_FLOOD,
                       !!(p->flags & BR_FLOOD)) ||
@@ -586,6 +589,7 @@ static const struct nla_policy br_port_policy[IFLA_BRPORT_MAX + 1] = {
        [IFLA_BRPORT_PROXYARP]  = { .type = NLA_U8 },
        [IFLA_BRPORT_PROXYARP_WIFI] = { .type = NLA_U8 },
        [IFLA_BRPORT_MULTICAST_ROUTER] = { .type = NLA_U8 },
+       [IFLA_BRPORT_MCAST_TO_UCAST] = { .type = NLA_U8 },
 };
 
 /* Change the state of the port and notify spanning tree */
@@ -636,6 +640,7 @@ static int br_setport(struct net_bridge_port *p, struct nlattr *tb[])
        br_set_port_flag(p, tb, IFLA_BRPORT_LEARNING, BR_LEARNING);
        br_set_port_flag(p, tb, IFLA_BRPORT_UNICAST_FLOOD, BR_FLOOD);
        br_set_port_flag(p, tb, IFLA_BRPORT_MCAST_FLOOD, BR_MCAST_FLOOD);
+       br_set_port_flag(p, tb, IFLA_BRPORT_MCAST_TO_UCAST, BR_MULTICAST_TO_UNICAST);
        br_set_port_flag(p, tb, IFLA_BRPORT_PROXYARP, BR_PROXYARP);
        br_set_port_flag(p, tb, IFLA_BRPORT_PROXYARP_WIFI, BR_PROXYARP_WIFI);
 
index 8ce621e8345c478700ee64b76e41a98b2bd81d16..0b82a227fc3418acbac5e9e6fd5ef3ab6f8f1876 100644 (file)
@@ -177,6 +177,7 @@ struct net_bridge_port_group {
        struct timer_list               timer;
        struct br_ip                    addr;
        unsigned char                   flags;
+       unsigned char                   eth_addr[ETH_ALEN];
 };
 
 struct net_bridge_mdb_entry
@@ -599,7 +600,7 @@ void br_multicast_free_pg(struct rcu_head *head);
 struct net_bridge_port_group *
 br_multicast_new_port_group(struct net_bridge_port *port, struct br_ip *group,
                            struct net_bridge_port_group __rcu *next,
-                           unsigned char flags);
+                           unsigned char flags, const unsigned char *src);
 void br_mdb_init(void);
 void br_mdb_uninit(void);
 void br_mdb_notify(struct net_device *dev, struct net_bridge_port *port,
index 8bd569695e76fb76112bd5c17fb1a8027c6590a5..05e8946ccc03554b8c842bd742bf6bed982f7ea6 100644 (file)
@@ -188,6 +188,7 @@ static BRPORT_ATTR(multicast_router, S_IRUGO | S_IWUSR, show_multicast_router,
                   store_multicast_router);
 
 BRPORT_ATTR_FLAG(multicast_fast_leave, BR_MULTICAST_FAST_LEAVE);
+BRPORT_ATTR_FLAG(multicast_to_unicast, BR_MULTICAST_TO_UNICAST);
 #endif
 
 static const struct brport_attribute *brport_attrs[] = {
@@ -214,6 +215,7 @@ static const struct brport_attribute *brport_attrs[] = {
 #ifdef CONFIG_BRIDGE_IGMP_SNOOPING
        &brport_attr_multicast_router,
        &brport_attr_multicast_fast_leave,
+       &brport_attr_multicast_to_unicast,
 #endif
        &brport_attr_proxyarp,
        &brport_attr_proxyarp_wifi,