On 04/10/2014 07:13 PM, Herbert Xu wrote: > On Thu, Apr 10, 2014 at 07:09:30PM -0700, Eric Dumazet wrote: >> On Fri, 2014-04-11 at 09:59 +0800, Herbert Xu wrote: >>> On Thu, Apr 10, 2014 at 09:40:23PM -0400, David Miller wrote: >>>> From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> >>>> Date: Wed, 9 Apr 2014 01:23:49 +0800 >>>> >>>>> On Tue, Apr 08, 2014 at 09:48:40AM -0700, Ben Greear wrote: >>>>>> >>>>>> At least for ARPs, maybe we could inspect the packet and only >>>>>> deliver to interfaces configured with the MAC that is being >>>>>> ARPed for (or ones that are in promisc)? >>>>> >>>>> Yes this would definitely be a great optimisation. >>>> >>>> Yes and you can use the direct rather than the workqueue path. >>> >>> This would be a worthy optimisation for bridge.c too. In fact, >>> I wonder if it would be possible to share some of the broadcast/ >>> multicast logic between macvlan and bridge. >> >> But many ARP messages are broadcasted, particularly when you restart >> an hypervisor with thousand of macvlan. This is the moment we have >> this horrible quadratic behavior in macvlan. >> >> I do not understand the idea... >> >> ARP filter would require to inspect the queried IPv4 address, and >> macvlan do not currently have a list of IPv4 addresses per port. > > Indeed. Thanks for snapping us out of our collective daydream :) arp-filter can already do this, so you could just re-use that behaviour, I think? Thanks, Ben -- Ben Greear <greearb@xxxxxxxxxxxxxxx> Candela Technologies Inc http://www.candelatech.com -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html