On Wed, 20 Feb 2019 20:56:04 +0000, Russell King <rmk+ker...@armlinux.org.uk> wrote: > Switches work by learning the MAC address for each attached station by > monitoring traffic from each station. When a station sends a packet, > the switch records which port the MAC address is connected to. > > With IPv4 networking, before communication commences with a neighbour, > an ARP packet is broadcasted to all stations asking for the MAC address > corresponding with the IPv4. The desired station responds with an ARP > reply, and the ARP reply causes the switch to learn which port the > station is connected to. > > With IPv6 networking, the situation is rather different. Rather than > broadcasting ARP packets, a "neighbour solicitation" is multicasted > rather than broadcasted. This multicast needs to reach the intended > station in order for the neighbour to be discovered. > > Once a neighbour has been discovered, and entered into the sending > stations neighbour cache, communication can restart at a point later > without sending a new neighbour solicitation, even if the entry in > the neighbour cache is marked as stale. This can be after the MAC > address has expired from the forwarding cache of the DSA switch - > when that occurs, there is a long pause in communication. > > Our DSA implementation for mv88e6xxx switches disables flooding of > multicast and unicast frames for bridged ports. As per the above > description, this is fine for IPv4 networking, since the broadcasted > ARP queries will be sent to and received by all stations on the same > network. However, this breaks IPv6 very badly - blocking neighbour > solicitations and later causing connections to stall. > > The defaults that the Linux bridge code expect from bridges are for > unknown unicast and unknown multicast frames to be flooded to all ports > on the bridge, which is at odds to the defaults adopted by our DSA > implementation for mv88e6xxx switches. > > This commit enables by default flooding of both unknown unicast and > unknown multicast frames whenever a port is added to a bridge, and > disables the flooding when a port leaves the bridge. This means that > mv88e6xxx DSA switches now behave as per the bridge(8) man page, and > IPv6 works flawlessly through such a switch. > > Signed-off-by: Russell King <rmk+ker...@armlinux.org.uk>
Reviewed-by: Vivien Didelot <vivien.dide...@gmail.com>
