On Sun, Aug 22, 2021 at 11:37:28PM +0000, Alvin Šipraga wrote: > >>>> + skb->offload_fwd_mark = 1; > >>> > >>> At the very least, please use > >>> > >>> dsa_default_offload_fwd_mark(skb); > >>> > >>> which does the right thing when the port is not offloading the bridge. > >> > >> Sure. Can you elaborate on what you mean by "at the very least"? Can it > >> be improved even further? > > > > The elaboration is right below. skb->offload_fwd_mark should be set to > > zero for packets that have been forwarded only to the host (like packets > > that have hit a trapping rule). I guess the switch will denote this > > piece of info through the REASON code. > > Yes, I think it will be communicated in REASON too. I haven't gotten to > deciphering the contents of this field since it has not been needed so > far: the ports are fully isolated and all bridging is done in software. In that case, setting skb->offload_fwd_mark to true is absolutely wrong, since the bridge is told that no software forwarding should be done between ports, as it was already done in hardware (see nbp_switchdev_allowed_egress). I wonder how this has ever worked? Are you completely sure that bridging is done in software?
