lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 25 Sep 2017 00:02:06 +0200
From:   Egil Hjelmeland <privat@...l-hjelmeland.no>
To:     Andrew Lunn <andrew@...n.ch>
Cc:     vivien.didelot@...oirfairelinux.com, f.fainelli@...il.com,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next 2/2] net: dsa: lan9303: Add basic offloading of
 unicast traffic

Den 23. sep. 2017 16:31, skrev Andrew Lunn:
>> The point is: Once both external ports are in "forwarding", I see no way
>> to prevent traffic flowing directly between the external ports.
> 
> Generally, there are port vectors. Port X can send frames only to Port
> Y.
> 
> If you don't have that, there are possibilities with VLANs. Each port
> is given a unique VLAN. All incoming untagged traffic is tagged with
> the VLAN. You just need to keep the VLAN separated and add/remove the
> VLAN tag in the dsa tag driver.
> 
>       Andrew
> 
Thanks. The lan9303 has nothing like "port vectors". The port tagging
scheme is VLAN based, but is does not prevent direct forwarding between
the external ports.

In order to not break the strong port separation in the current driver;
I will stick to my solution, and only add caching of the STP state
register.

Egil

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ