lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 20 Dec 2012 12:08:13 +0200
From:	Vitalii Demianets <vitas@...factor.kiev.ua>
To:	Andrew Collins <bsderandrew@...il.com>
Cc:	Vlad Yasevich <vyasevic@...hat.com>, netdev@...r.kernel.org,
	shemminger@...tta.com, davem@...emloft.net, or.gerlitz@...il.com,
	jhs@...atatu.com, mst@...hat.com, erdnetdev@...il.com,
	jiri@...nulli.us
Subject: Re: [PATCH net-next V4 00/13] Add basic VLAN support to bridges

On Thursday 20 December 2012 00:54:27 Andrew Collins wrote:
> On Wed, Dec 19, 2012 at 10:48 AM, Vlad Yasevich <vyasevic@...hat.com> wrote:
> > This series of patches provides an ability to add VLANs to the bridge
> > ports.  This is similar to what can be found in most switches.  The
> > bridge port may have any number of VLANs added to it including vlan 0
> > priority tagged traffic.  When vlans are added to the port, only traffic
> > tagged with particular vlan will forwarded over this port.  Additionally,
> > vlan ids are added to FDB entries and become part of the lookup.  This
> > way we correctly identify the FDB entry.
>
> This is likely well beyond the scope of this change, but I figured I'd
> throw out the question anyway.  This changeset looks to bring the
> Linux bridging code closer to the 802.1Q-2005 definition of a bridge,
> which is nice to see, I'm curious if this changeset also opens up the
> possibility of supporting MSTP in the future?  The big thing I see
> missing is per-VLAN port state, although I'm not very familiar with
> the current STP/bridge interactions.  Has anyone put any thought into
> what other necessary bridge pieces might be missing for MSTP support?

I think, to be compatible with 802.1Q-2005 we need the following pieces:
1) Multiple FIDs (it is 802.1Q term for FDB) support. It means that kernel 
should support several independent FDBs on a single bridge. The 802.1Q-2005 
standard requires the number of supported FDBs to be no less than the number 
of different MSTIs the implementation supports;
2) VLAN-to-FDB mapping should be introduced;
3) Support of Multiple Spanning Tree Instances (MSTIs);
4) FDB-to-MSTI mapping should be introduced;
5) And finally, per-MST port states should be implemented.

> obviously something to handle the MSTP protocol itself would need to exist 
as well

Please look here: http://sourceforge.net/projects/mstpd/
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists