| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 19 Dec 2012 10:10:06 +0200 From: Shmulik Ladkani <shmulik.ladkani@...il.com> To: Vlad Yasevich <vyasevic@...hat.com> Cc: netdev@...r.kernel.org, shemminger@...tta.com, davem@...emloft.net, or.gerlitz@...il.com, jhs@...atatu.com, mst@...hat.com Subject: Re: [PATCH V2 00/12] Add basic VLAN support to bridges Thanks Vlad, On Tue, 18 Dec 2012 14:00:51 -0500 Vlad Yasevich <vyasevic@...hat.com> wrote: > A single vlan may also be designated as untagged. Any untagged traffic > recieved by the port will be assigned to this vlan. Why the "untagged vlan" is per-bridge global? Usually, 802.1q switches define the PVID (port's VID) which controls the value of VID, in case ingress frame is either untagged or priority-tagged (per port configuration). This gives greater flexibility. > Any traffic exiting > the port with a VID matching the untagged vlan will exit untagged (the > bridge will strip the vlan header). This is similar to "Native Vlan" support > available in most switches. 802.1q switches usually allow conifguring per-vlan, per-port tagged/untagged egress policy: each vid has its port membership map and an accompanying port egress-policy map. This gives great flexibility defining all sorts of configurations. Personally, I'd prefer a fully flexible vlan bridge allowing all sorts of configurations (as available in 802.1q switches). What's the reason limiting such configurations? Regards, Shmulik -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists