From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au Authentication-Results: passt.top; dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202410 header.b=eL8UaLQ/; dkim-atps=neutral Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by passt.top (Postfix) with ESMTPS id F415C5A004C for ; Thu, 17 Oct 2024 07:33:15 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gibson.dropbear.id.au; s=202410; t=1729143190; bh=BbTfCwNEIXafmTAnq5wdNewF9/uJYtVuPEto6XGzxCk=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=eL8UaLQ/GOcaYwLpD1yNGljEd8W1z82gC/njyEYPrgnc8G8a0+SGHebWb6KiqfYcg IDPnxPnHZM+Os1ZQfOWMdFYLeFf0Vs3lDZBIfT7BY+hscQ5hFp4GbRh2oHt5zXYl+N 8MB5MG6VzPCIdCNZNIegU8aZaLi9RqsYnkgHmT0rlRSqi3q7AJJnI5uMXt+JzQ/Z/i CWrghNenSFx8fhylTye8oc0J0E+i2m5gGrLNGRIeiIKUiBvcAqSpPfp0hgDBVAmTMq N5RHanPkhNJvPA7KcGQXhuIvEfvJncJOcJN17gPPQKzNNf6hx9uZ5ZtvyaNPiugKba y7RM1wurWk1dw== Received: by gandalf.ozlabs.org (Postfix, from userid 1007) id 4XTc1f6gDHz4wxx; Thu, 17 Oct 2024 16:33:10 +1100 (AEDT) Date: Thu, 17 Oct 2024 16:06:29 +1100 From: David Gibson To: Stefano Brivio Subject: Re: [PATCH v3 4/4] fwd: Direct inbound spliced forwards to the guest's external address Message-ID: References: <20241002054826.1812844-1-david@gibson.dropbear.id.au> <20241002054826.1812844-5-david@gibson.dropbear.id.au> <20241009150721.63af48f6@elisabeth> <20241009224433.7fc28fc7@elisabeth> <20241016172648.666b0f8c@elisabeth> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="9HaX7JqQwajN/OWf" Content-Disposition: inline In-Reply-To: <20241016172648.666b0f8c@elisabeth> Message-ID-Hash: 4AMWHIF72PUCF7DRT634WWUD2MNLUTHC X-Message-ID-Hash: 4AMWHIF72PUCF7DRT634WWUD2MNLUTHC X-MailFrom: dgibson@gandalf.ozlabs.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: passt-dev@passt.top X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --9HaX7JqQwajN/OWf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Oct 16, 2024 at 05:26:48PM +0200, Stefano Brivio wrote: [snip] > Adding 2-second delays as we have them for NDP doesn't look that bad: > $ grep --exclude-dir=3Ddemo -rn "dhclient -6" pasta/dhcp:37:ns > /sbin/dhclient -6 --no-pid __IFNAME__ passt_in_ns/dhcp:54:guest > /sbin/dhclient -6 __IFNAME__ passt/dhcp:51:guest /sbin/dhclient -6 > __IFNAME__ perf/passt_tcp:117:guest dhclient -6 -x > perf/passt_tcp:118:guest dhclient -6 __IFNAME__ > two_guests/basic:40:guest1 /sbin/dhclient -6 __IFNAME1__ > two_guests/basic:41:guest2 /sbin/dhclient -6 __IFNAME2__ > given that we don't need it on dhclient -x, tests would take about > 12 seconds longer. > Or we could switch to the arp off / nodad / arp on approach for > everything, including SLAAC: > $ grep --exclude-dir=3Ddemo --exclude-dir=3Dmbuto --exclude-dir=3Ddistro > --exclude-dir=3Dmemory -rn "sleep[ $(printf '\t')].*2" > pasta/ndp:21:sleep 2 passt_in_ns/icmp:29:ns ip addr add 2001:db8::1 > dev __IFNAME_NS__ && sleep 2 # DAD passt/ndp:19:guest ip link set > dev __IFNAME__ up && sleep 2 two_guests/basic:39:sleep 2 > and save slightly less than 8 seconds. If you ask me, I would have a > slight preference for the nodad approach. Much as I don't like making the tests slower, I don't think the nodad approach is a good idea. It's fine if we think of the NDP/DHCP only as setting things up for the transfer tests. But they also serve the purpose of testing the NDP and DHCP paths themselves. For that purpose we should perform a full "normal" configuration, including DAD. [e.g. if we really did manage to break our NS responses so that we totally broke DAD, we'd want our tests to catch that]. I have a draft implementation of explicitly waiting for DAD to complete both for SLAAC and for DHCPv6, patches coming shortly. --=20 David Gibson (he or they) | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you, not the other way | around. http://www.ozlabs.org/~dgibson --9HaX7JqQwajN/OWf Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmcQm0UACgkQzQJF27ox 2GcKKA//WMz6zJXwlzGx5Z9emtikDeH9nV9YV4LhhBktfogSoourKknnXrAMnGws bpFmJ3N7ouwz8RdI0z83MgFIEagyklVrqDj1R4AgTuWglB/2bT/niNzeMR/CkVbz MAoc/wYRODHtxNB68JOPIv/GEHB6+cbEynOC+wOL1jzIlaDeAJKTx3GW0zGtTnqZ Gxw1+c3PnqM9rq5GN85GmBzOuuSG4j1RWpXV2inIQKDxdfqMx2z9+jziXtjcXp4C bqmT/eG/8BKIvARAB0ZDRPm6Xq/Crb+Iv4TdhZexDg9L1ls2E7kd3/cCPnoS293G V1+YYD+R90pC1JLPUwJRSs8l/rA6jH01xs4sDEGNWrT1qkaAfeETyHR29uiqkCar 6FKvQ8NP4d8pN8gY4se9nTCGLncLokwhD20s2e/bHQcxu+JTd7nB6cLV3ejuxWgu 55ckN1uUbFahrGESwH72BD0SmxtoSj7XTqXm9wzmk2QVeHl/+8hQATaLEHiMGegr UrYn6d0ClTo4Yz8yrT+i+ZIQiDYjYKavmrIqgQ3qhJuHadweeY9hiE4Exbm95VK8 U6OmfMBf1GG5BHOoc+xhMaC1m15mNvFwbVQ6EXtFO8yxo0R3JTDJVCnnnG4xFIYx QQIlexkSxPTj15aBF3TnLaO6boJuw/ZciYu7vueIqC56bQtIdk4= =HzCl -----END PGP SIGNATURE----- --9HaX7JqQwajN/OWf--